403Webshell
Server IP : 119.59.102.212  /  Your IP : 3.133.157.170
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/user/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/user/health_manage_user.php
<?php
/*
// Status Package Module
$status_module=select_query("status_module","cms_status_module","id","9");
if($status_module[0]!=1)	{	
	fieldset_no_module();
}
*/
// permssion
if($_SESSION[admin_web]!="admin" and !id_top_permission("health_system_admin")){	
	permission_fail();			
}

import_request_variables('pG', 'p_');
if($p_keyword!="")							{	     $keyword=trim($p_keyword);		}
if($p_hide!="")								{	     $hide=trim($p_hide);			}
if($p_id_user!="")								{	     $id_user=trim($p_id_user);			}


$navig['manage_user']="จัดการระบบสมาชิก";
navigator($navig);
echo "<br>";
bar_header("จัดการระบบสมาชิก"); // Bar_Header
fieldset_top("จัดการระบบสมาชิก");
?>
<form name="search_user" method="post" action="">
	<table align="center" width="98%" border="0">
		<tr>
			<td align="center">
				<?php echo print_arr1();?> ค้นหาสมาชิก
			</td>
<?
			echo "<td>";
			echo "<input type='text' name='keyword' size='20%'/> ";
			echo "<input type='submit' name='btn_submit_search' value='ค้นหาสมาชิก'>";
		echo"</tr>";
	echo"</table>";
echo"</form>";

		if($keyword!="")
			 $sql_search = "SELECT * FROM cms_main_user as user inner join cms_user_profile as profile on (user.id_user = profile.id_user) and profile.name LIKE '%$keyword%' or profile.name LIKE '%surname%' order by user.levels ASC ,profile.name ASC";
		else
			 $sql_search = "SELECT * FROM cms_main_user as user left outer join cms_user_profile as profile on (user.id_user = profile.id_user) order by user.levels ASC ,profile.name ASC";
			 
			 $result = query($sql_search);
			
		echo"<table width='100%' border='0' align='center' cellpadding='1' cellspacing='1' bgcolor='$_SESSION[tb_bgcolor]'>";
			echo"<tr height='20' bgcolor='$_SESSION[tb_head_bgcolor]'>";
				// ################order
					echo "<td align='center'>";
						echo "<b>ลำดับ</b>";
					echo "</td>";
			
				// ################ username	
					echo "<td  align='center'>";
						echo "<b>ชื่อล็อกอิน</b>";
					echo "</td>";
			
				// ################ profile name and surname
					echo "<td  align='center'>";
						echo "<b>ชื่อ - สกุล</b>";
					echo "</td>";			
				
				// ################ email
					echo "<td  align='center'>";
						echo "<b>อีเมล์</b>";
					echo "</td>";
					
				// ################ การจัดการ
					echo "<td align='center'>";
						echo "<b>การจัดการ</b>";
					echo "</td>";
					
								
				echo "</tr>";
			
		$count_user = 1;
			 while ($user = mysql_fetch_array ($result))
			 { 
			 if($user[id_user]==$_SESSION['id_user_admin']) { $bg='ffcc00'; }
			 
			 else if($count_user%2==0) 	$bg='dddddd';
			 else						$bg='eeeeee';
		
			echo"  <tr height='20' bgcolor='$bg'>";
				// ################order
					echo "<td align='center' width='10%'>";
						echo $count_user;
					echo "</td>";
				
				// ################ username	
					echo "<td  align='left' width='25%'>";
						echo "&nbsp;&nbsp;";
						echo $user["user"];
					echo "</td>";
				
				// ################ profile name and surname
					echo "<td  align='left' width='25%'>";;
						echo "&nbsp;&nbsp;";
						echo $user["name"]."  ".$user["surname"];
					echo "</td>";
				
				// ################ email
					echo "<td  align='left' width='20%'>";;
						echo "&nbsp;&nbsp;";
						echo $user["email"];
					echo "</td>";	
					
					// ################ การจัดการ
					echo "<td  align='center'>";
					
					$arr_module = explode(",",$user['module_access']);	
				
					//echo "xx".in_array("health_system_admin",$arr_module);

					if($user["levels"]=="admin" and $user["id_user"]==1){
						echo "ผู้ดูแลระบบสูงสุด";
					}else if($user["levels"]=="admin" and $_SESSION[id_user_admin]==1){\
							box_group("index.php?mod=health_manage_permission&path=user&id_user=$user[id_user]");
			
						
					}else if(in_array("health_system_admin",$arr_module) or $user["levels"]=="admin"){
						echo "จัดการสิทธิ์ผู้ดูแลระบบเดียวกันไม่ได้";
					}else{
					
							box_group("index.php?mod=health_manage_permission&path=user&id_user=$user[id_user]");
							
					}		

					echo "</td>";

					
				echo "</tr>";
				$count_user++;
			 }
		echo "</table>";
	fieldset_down();
?>

<script language="javascript">
	function delconfirm(){
		if(confirm("่ท่านแน่ใจหรือไม่ที่จะลบผู้ใช้งานนี้"))
			return true
		else
		 return false;
		return false;
	}
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit