403Webshell
Server IP : 61.19.30.66  /  Your IP : 216.73.216.59
Web Server : Apache/2.2.22 (Ubuntu)
System : Linux klw 3.11.0-15-generic #25~precise1-Ubuntu SMP Thu Jan 30 17:39:31 UTC 2014 x86_64
User : www-data ( 33)
PHP Version : 5.3.10-1ubuntu3.48
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/gpa/pk/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/gpa/pk/print.php.bak
<?
require_once "../config/confiteacher.inc.php";
?>

<html>
<head>
<meta http-equiv=Content-Type content="text/html; charset=tis-620">

<title>ฝ่ายบริหารงานวิชาการ/งานปกครอง</title>

</head>

<body onload="window.print()">
<?
require_once "../config/connectdb.php";
$year=date(" Y ")+542; 
//*** Update Condition ***//
if($_GET["Action"] == "Save")
{
	for($i=1;$i<=$_POST["hdnLine"];$i++)
	{
		$strSQL = "UPDATE transcripsactivi SET ";
		$strSQL .="gradeac = '".$_POST["txtgradeac$i"]."' ";
		$strSQL .="WHERE idacti = '".$_POST["hdnid$i"]."' ";
		
		$objQuery = mysql_query($strSQL);
	}
	//header("location:$_SERVER[PHP_SELF]");
	//exit();
}

$sql2="SELECT years FROM config";
$result2 = mysql_query($sql2);
while (list($years) = mysql_fetch_row($result2)) {
$xsc_years = $years;
$strSQL = "SELECT * FROM pkklw join klw ON klw.Username=pkklw.idspk WHERE dpk = '$_GET[id]'  order by cllass+1 asc,room+1 asc";
$objQuery = mysql_query($strSQL) or die ("Error Query [".$strSQL."]");
$i = 1;

}





?>
<table width="773" border="0" align="center" cellpadding="0" cellspacing="0">
                <tr> 
                  <td width="198"><a href="regis.php"><font color="#FF0000" size="2">หน้าหลัก</font></a>
				  
				  
				  </td>
                  <td width="575"><table width="100%" border="0" cellspacing="1" cellpadding="1">
                     
                    </table></td>
                </tr>
              </table>
<form name="frmMain" method="post" action="totalsave.php?Action=Save">
<table  width="100%" border="0" bgcolor="#999999">
 <center><font size='3' color='red'>รายชื่อนักเรียนขออนุญาตออกนอกสถานศึกษารายวัน  <? echo $_GET[id]; ?></font></center>
  
  <tr bgcolor="#FFFFFF">
    <th width="10"> <div align="center"></div></th>
	 <th width="10"> <div align="center">#</div></th>
    <th width="10"> <div align="center">รหัสนักเรียน</div></th>
	<th width="100"> <div align="center">ชื่อ-นามสกุล</div></th>
	<th width="10"> <div align="center">รายการอนุญาต</div></th>
	 
    <th width="10"> <div align="center">ชั้น</div></th>
	 <th width="10"> <div align="center">ห้อง</div></th>
	
	

  </tr>
<?
$i =0;

while($objResult = mysql_fetch_array($objQuery))

{
if($bg == "#FFFFFF") { //ส่วนของการ สลับสี 
$bg = "#FFFFFF";
} else {
$bg = "#FFFFFF";
}

	$i = $i + 1;
	$timepk =$objResult["timepk"];
	$scor2 =$objResult["scor2"];
	$scor3 =$objResult["scor3"];
	$unit=$scor1+$scor2+$scor3;
	$mid =$objResult["mid"];
	$final =$objResult["final"];
	$room =$objResult['room'];
	$bpk =$objResult['bpk'];

	$cllass =$objResult['cllass'];
?>
  <tr bgcolor="<?=$bg?>">
    <td><div align="center">
	<input type="hidden" name="hdnid<?=$i;?>" size="5" value="<?=$objResult["idin"];?>">
	 <td><?=$i?></td>
	<td><div align="right"><?=$objResult["idspk"];?>
	</div></td>
	<td><div align="left"><font size=2><?=$objResult["prefix"];?><?=$objResult["Name"];?>&nbsp;&nbsp;<?=$objResult["surname"];?></font></div></td>



				<?
											
				$crsql="SELECT tpy FROM pkklwtyp
				WHERE idtpy = '$bpk'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$becos1=$dcrd[0];

				
				$crsql="SELECT count(idspk) FROM pkklw
				WHERE bpk =1 and dpk='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$b1=$dcrd[0];


				$crsql="SELECT count(idspk) FROM pkklw
				WHERE bpk =2 and dpk='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$b2=$dcrd[0];


				$crsql="SELECT count(idspk) FROM pkklw
				WHERE bpk =3 and dpk='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$b3=$dcrd[0];

				$crsql="SELECT count(idspk) FROM pkklw
				WHERE bpk =4 and dpk='$_GET[id]'";
				$slr=mysql_query($crsql) or die(mysql_error()."<br>".$crsql);
				$dcrd = mysql_fetch_array($slr);
				$b4=$dcrd[0];

				$totalall=$b1+$b2+$b3+$b4;					
	             ?>

	<td><div align="left"><? echo "$becos1"; ?>&nbsp;&nbsp;:&nbsp;<? echo "$timepk"; ?>
	</div></td>
   

	
	
                                        

	
    
	
	<td><? echo "$cllass"; ?></td>
	<td><? echo "$room"; ?></td>






  </tr>
<?
	  $i = $i;
  }
  ?>
</table>
</form>
<table>
<tr>
<td>ลาป่วย</td>
<td><? echo "$b1"; ?></td>
</tr>
<tr>
<td>ลากิจ</td>
<td><? echo "$b2"; ?></td>
</tr>
<tr>
<td>ผู้ปกครอง</td>
<td><? echo "$b3"; ?></td>
</tr>
<tr>
<td>อื่นๆ</td>
<td><? echo "$b4"; ?></td>
</tr>

<tr>
<td>รวม</td>
<td><? echo "$totalall"; ?></td>
</tr>

</table>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit