!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\phpscripts\   drwxrwxrwx
Free 4.08 GB of 39.52 GB (10.32%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     legis2.php (12.14 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$sed 
= isset($user);
if (
$sed == false) {
exit;
}else{

//require('conexion2.php');
//$stmt = Ociparse($c1, " SELECT EU_USERNAME FROM envista.env_users where EU_USERNAME='$user'");
//$result = OCIExecute($stmt);
//if ($result == false) {
//exit;
//}else{
//$cont = 0;
//while (OCIFetchInto($stmt, $value1)) {
//foreach ($value1 as $val1)
//{
//$cont++;
//}}
$cont 1;
if (
$cont == 1) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Legislaci&oacute;n Ambiental Colombiana</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.textopequeno {
    font-family: "Times New Roman", Times, serif;
    font-size: 10px;
    color: #333333;
}
select {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #666666;
    background-color: #FFFFF9;
}
.in1 {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #666666;
    background-color: #FFFFF9;
}
.in1Copia {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #333333;
    background-color: #B9E7FD;
}
a {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #006699;
    text-decoration: none;
}
a:hover {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #006699;
    text-decoration: underline;
}

-->
</style>
<script language="Javascript1.2">
    //Directory must end with a '/'
    //Examples:
    //  AK_editor_url = "TextAreaPro/"; 
    AK_editor_url = "";
    document.write('<scr' + 'ipt src="' + AK_editor_url+ 'wysiwyg.js" language="Javascript1.2"></scr' + 'ipt>'); 
</script>
</head>

<body topmargin="0">
<table width="100%" border="1" cellpadding="5" cellspacing="0" bordercolor="#FFFFFF">
  <tr> 
    <td width="20%">&nbsp;</td>
    <td width="60%" colspan="3"><div align="center"><img src="legis.gif" width="550" height="150"></div></td>
    <td width="20%">&nbsp;</td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td bordercolor="#CCCCCC" bgcolor="#FFFFF9"><table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr> 
          <td> <div align="center"><a href="reqlegis.php?user=<?php echo $user?>">Volver 
              a Buscar...</a></div></td>
        </tr>
      </table></td>
    <td bordercolor="#CCCCCC" bgcolor="#F2F2F2">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr> 
          <td> <div align="center"><a href="#">Agregar Normas...</a></div></td>
        </tr>
      </table>
    </td>
    <td bordercolor="#CCCCCC" bgcolor="#FFFFF9"><table width="100%" border="0" cellspacing="0" cellpadding="0">
        <tr> 
          <td> <div align="center"><a href="reqlegis3.php?user=<?php echo $user ?>">Agregar 
              Entidades...</a></div></td>
        </tr>
      </table></td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    <td width="20%">&nbsp;</td>
    <td width="60%" colspan="3" bordercolor="#CCCCCC" bgcolor="#FFFFF9"> <form action="" method="post" enctype="multipart/form-data" name="form1">
        <p><font size="5"><strong><font size="2">&gt;&gt;</font> A&ntilde;adir 
          Legislaci&oacute;n...</strong></font></p>
          <?php
          $sed 
= isset($acc);
            if (
$sed == true) {
            if (
$acc == 1) {
            require(
'conexion3.php');
            
$consul "SELECT *
            FROM legis where tipo = '
$tipo' and fecha = '$ano' and numero = '$numero' and entidad = '$entidad'";
            
$result mysql_query($consul,$db);
            
$num_filas mysql_num_rows($result);
            if (
$num_filas 0) {
            
?>
            <p><font color="#000000" size="3" face="Times New Roman, Times, serif">Aviso: Esa norma ya existe.</font></p>
            <?php
            
}else{
          
$fec $mes "/" $ano;
          
$nas $tipo "_" $numero "_de_" $fec;
          
$link "";
            
$query ="INSERT INTO legis VALUES('','$numero','$ano','$entidad','$tipo','$keywords','$MyTextAreaName','$titulo','$link','$mes','$regid')";
            
$result mysql_query($query,$db);
            if (
$result == 0) {
            
?>
            <p><font color="#000000" size="3" face="Times New Roman, Times, serif">Error: No se pudo agregar la norma, intente nuevamente.</font></p>
            <?php
            
}else{
            
?>
            <p><font color="#000000" size="3" face="Times New Roman, Times, serif">Se 
        agrego con &eacute;xito la nueva norma: <?php echo $nas?></font></p>
            <?php
            
}}}}
          
?>
        <p>Ingrese todos los datos que se solicitan, para poder registrar una 
          norma en el sistema general de consulta de legislaci&oacute;n ambiental. 
          Esta agregando <strong><?php echo $user?></strong></p>
        <table width="100%" border="0" cellspacing="0" cellpadding="5">
          <tr bgcolor="#FAFEE2"> 
            <td width="50%"><strong> Tipo: 
              <select name="tipo" id="tipo">
                <option value="Resolucion">Resoluci&oacute;n</option>
                <option value="Decreto">Decreto</option>
                <option value="Ley">Ley</option>
                <option value="Acuerdo">Acuerdo</option>
                <option value="Sentencia">Sentencia</option>
                <option value="Accion Popular">Acci&oacute;n Popular</option>
              </select>
              No. 
              <input name="numero" type="text" class="in1" id="numero" size="6" maxlength="6">
              </strong></td>
            <td width="50%">De,<strong> Mes: 
              <select name="mes" id="mes">
                <option value="01">Enero</option>
                <option value="02">Febrero</option>
                <option value="03">Marzo</option>
                <option value="04">Abril</option>
                <option value="05">Mayo</option>
                <option value="06">Junio</option>
                <option value="07">Julio</option>
                <option value="08">Agosto</option>
                <option value="09">Septiembre</option>
                <option value="10">Octubre</option>
                <option value="11">Noviembre</option>
                <option value="12">Diciembre</option>
              </select>
              A&ntilde;o: 
              <input name="ano" type="text" class="in1" id="ano" value="1900" size="4" maxlength="4">
              </strong></td>
          </tr>
          <tr bgcolor="#FAFEE2">
            <td colspan="2"><table width="100%" border="0" cellspacing="0" cellpadding="0">
                <tr> 
                  <td width="20%"><strong>Emitida por:</strong></td>
                  <td><strong> 
                    <select name="entidad" id="entidad">
                      <?php
              
require('conexion3.php');
              
$consul "SELECT *
            FROM entidad"
;
            
$result mysql_query($consul,$db);
            
$num_filas mysql_num_rows($result);
            while (
$myrow mysql_fetch_array($result))
            {
            
$ide $myrow["id"];
            
$noe $myrow["nomen"];
            echo 
"<option value=\"$ide\">$noe</option>";
            }
              
?>
                    </select>
                    </strong></td>
                </tr>
              </table></td>
          </tr>
          <tr bgcolor="#FAFEE2"> 
            <td colspan="2"> <table width="100%" border="0" cellspacing="0" cellpadding="0">
                <tr> 
                  <td width="20%"><strong>Reglamenta:</strong></td>
                  <td><strong> 
                    <select name="regid" id="regid">
                    <option value="0">Ninguna norma...</option>
                      <?php
              
require('conexion3.php');
              
$consul "SELECT *
            FROM legis"
            
" order by tipo,numero,fecha";
            
$result mysql_query($consul,$db);
            
$num_filas mysql_num_rows($result);
            while (
$myrow mysql_fetch_array($result))
            {
            
$ide $myrow["id"];
            
$tipoe $myrow["tipo"];
            
$numeroe $myrow["numero"];
            
$fechae $myrow["fecha"];
            
$prex $tipoe " " $numeroe " de " $fechae;
            echo 
"<option value=\"$ide\">$prex</option>";
            }
              
?>
                    </select>
                    </strong></td>
                </tr>
              </table></td>
          </tr>
          <tr bgcolor="#FAFEE2"> 
            <td colspan="2"><table width="100%" border="0" cellspacing="0" cellpadding="0">
                <tr> 
                  <td width="20%" valign="top"><strong>Palabras Id:</strong></td>
                  <td><strong> 
                    <input name="keywords" type="text" class="in1Copia" id="keywords" size="40">
                    </strong><font size="1"><br>
                    </font><span class="textopequeno">* Escriba las palabras identificadoras 
                    por las cuales quiere que se encuentre <br>
                    esta norma en el sistema, separadas por comas.</span></td>
                </tr>
              </table></td>
          </tr>
          <tr bgcolor="#FAFEE2"> 
            <td colspan="2"><table width="100%" border="0" cellspacing="0" cellpadding="0">
                <tr> 
                  <td width="20%" valign="top"><strong>Titulo:</strong></td>
                  <td><strong> 
                    <input name="titulo" type="text" class="in1Copia" id="titulo" size="40">
                    </strong><font size="1"><br>
                    </font><span class="textopequeno">* Incluya el considerando 
                    de la norma o t&iacute;tulo.</span></td>
                </tr>
              </table></td>
          </tr>
          <tr bgcolor="#FAFEE2"> 
            <td colspan="2"> <table width="100%" border="0" cellspacing="0" cellpadding="0">
                <tr> 
                  <td width="20%" valign="top"><strong>Texto de la Norma:</strong></td>
                  <td><strong> 
                    <textarea cols="70" rows="20" name="MyTextAreaName">
<font size="+1" color="#0000ff">TESTING</font>
</textarea>
                    <script language="JavaScript">
    //comment any button that you want to hide
    var AK_DisplayedButtons = Array(    
                            'FontName',
                            'FontSize',
                            'SelectAll',
                            'Delete',
                            'Cut',
                            'Copy',
                            'Paste',
                            'SaveAs',
                            'Print',
                            'Separator',    
                            'Bold',
                            'Italic',
                            'Underline',
                            'Strikethrough',
                            'Separator',
                            'JustifyLeft',
                            'JustifyCenter',
                            'JustifyRight',
                            'JustifyFull',
                            'Separator',
                            'InsertOrderedList',
                            'InsertUnorderedList',
                            'Outdent',
                            'Indent',
                            'Separator',
                            'SuperScript',
                            'SubScript',
                            'Separator',
                            'CreateLink',
                            'Unlink',
                            'Image',
                            'Separator',
                            'Forecolor',
                            'Backcolor',
                            'Separator'                            
                                                //the last one has NO comma
                        );
        var AK_width = 400;
        var AK_height = 300;
        
    // All fields are optional. Place "null" where you don't want to specify.
    //ak_wysiwyg_generator(width, height, "TextAreaName", DisplayedButtonList);
      ak_wysiwyg_generator(AK_width, AK_height, "MyTextAreaName", AK_DisplayedButtons);
    
    //Examples:
    // ak_wysiwyg_generator(null, null, "MyTextAreaName", AK_DisplayedButtons);
    // ak_wysiwyg_generator(AK_width, AK_height, null, AK_DisplayedButtons);
    // ak_wysiwyg_generator(AK_width, AK_height, "MyTextAreaName", null);
    
    // It can be no parameter at all
    // ak_wysiwyg_generator();  
</script>
                    </strong></td>
                </tr>
              </table></td>
          </tr>
        </table>
        <p align="center">
          <input name="acc" type="hidden" id="user3" value="1">
          <input name="user" type="hidden" id="user" value="<?php echo $user?>">
          <input name="Submit" type="submit" class="in1" value="Agregar la legislaci&oacute;n...">
        </p>
      </form></td>
    <td width="20%">&nbsp;</td>
  </tr>
  <tr> 
    <td width="20%">&nbsp;</td>
    <td width="60%" colspan="3"><div align="center"><img src="legis2.gif" width="550" height="30"> 
        <br>
        <span class="textopequeno">&copy; Copyright, DAMA 2003. Todos los Derechos 
        Reservados para<br>
        El Departamento T&eacute;cnico Administrativo del Medio Ambiente</span></div></td>
    <td width="20%">&nbsp;</td>
  </tr>
</table>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
</body>
</html>
<?php
//}}
}
//$c2 = OciLogoff($c1);
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--