files >> /home/upgov/www/rmpyrll/ad_attandance_hold.php
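<?php
/*
 * Attendance upload handler for the payroll admin area.
 *
 * Flow: require a logged-in session, and on form submit check whether an
 * attendance record already exists for the chosen department / scheme /
 * hospital / district / month; if not, store the uploaded file under
 * document/ and insert one row into the `health` table.
 *
 * Security notes:
 *  - Every request value is escaped before it is placed in SQL. This file
 *    uses the legacy mysql_* API through connection.php, so escaping is the
 *    only option here; moving connection.php to mysqli/PDO prepared
 *    statements is the durable fix.
 *  - The upload is validated on the server (extension allow-list, size,
 *    content type) and the stored name is rebuilt from sanitized parts. The
 *    JavaScript check in the form is a convenience only and does not bind
 *    the client.
 *  - NOTE(review): the form carries no CSRF token and values are read from
 *    $_REQUEST, so a GET or cross-site request can also trigger this
 *    handler; confirm whether that is intended.
 *  - NOTE(review): the session appears to hold the password itself
 *    ($_SESSION['password']); confirm against the login code.
 *  - The document/ directory should be configured so the web server never
 *    executes scripts from it.
 */
date_default_timezone_set("Asia/Kolkata");
include("connection.php");
session_start();

// Redirect unauthenticated visitors before any output is produced.
if (!isset($_SESSION['user']) || !isset($_SESSION['password']) || ($_SESSION['password'] == '')) {
    header("location:payrolLogin/ramalogin.php");
    exit();
}

$username = $_SESSION['user'];
$user_query = mysql_query(
    "SELECT * FROM loginrama where user='" . mysql_real_escape_string((string) $username) . "' "
);
if ($user_query === false) {
    // Keep database error text out of the response; log it instead.
    error_log("loginrama lookup failed: " . mysql_error());
    die("Unable to verify the login session");
}
$user_row = mysql_fetch_array($user_query);
if (!$user_row) {
    // Fail closed: a session user with no matching account is not logged in.
    header("location:payrolLogin/ramalogin.php");
    exit();
}
$username = $user_row['user'];

$msg = "";
if (isset($_REQUEST['submit'])) {
    // Read each expected field as a plain string; arrays and missing values become ''.
    $in = array();
    foreach (array('bill', 'pfile', 'sfile', 'dept', 'scheme', 'hospital', 'division', 'district1',
                   'month', 'feedback', 'remark', 'totempwork', 'totempatt', 'att_month', 'att_year') as $field) {
        $in[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }
    $bill       = $in['bill'];
    $pfile      = $in['pfile'];
    $sfile      = $in['sfile'];
    $dept       = $in['dept'];
    $sche       = $in['scheme'];
    $hos        = $in['hospital'];
    $Division   = $in['division'];
    $district   = $in['district1'];
    $month      = $in['month'];
    $feedback   = $in['feedback'];
    $remark     = $in['remark'];
    $totempwork = $in['totempwork'];
    $totempatt  = $in['totempatt'];
    $att_month  = $in['att_month'];
    $att_year   = $in['att_year'];

    $filedate = date("d-m-y,h:i:s");
    $hvalue   = "H" . time();

    // Duplicate check. LIKE is kept from the original query, so % and _ in
    // the submitted values still act as wildcards.
    $sq = mysql_query(sprintf(
        "select * from health where department LIKE '%s' and scheme LIKE '%s' and hospital LIKE '%s' and district LIKE '%s' and month LIKE '%s'",
        mysql_real_escape_string($dept),
        mysql_real_escape_string($sche),
        mysql_real_escape_string($hos),
        mysql_real_escape_string($district),
        mysql_real_escape_string($month)
    )) or die("Details already Exist in our Record");

    if (mysql_num_rows($sq) > 0) {
        $r = mysql_fetch_array($sq);
        // The stored path is database data: escape it before it goes into an attribute.
        $d = htmlspecialchars((string) $r['attandance'], ENT_QUOTES, 'UTF-8');
        $msg = "<font color='red'>ALready Uploaded Attendance in this Month</font><img src='$d' width='200' height='100'>";
    } else {
        $uploadDir   = 'document/';
        $allowedExt  = array('gif', 'png', 'bmp', 'jpeg', 'jpg', 'pdf'); // same list the form's JS check uses
        $allowedMime = array('image/gif', 'image/png', 'image/bmp', 'image/x-ms-bmp', 'image/jpeg', 'application/pdf');
        $maxBytes    = 1024000;                                         // same limit the form's JS check uses
        $attandance  = '';
        $uploadError = '';

        $upload = isset($_FILES['attandance']) ? $_FILES['attandance'] : null;
        if ($upload === null || !is_string($upload['name']) || is_array($upload['error'])) {
            $uploadError = "No attendance file was received";
        } elseif ($upload['error'] !== UPLOAD_ERR_OK) {
            $uploadError = "Upload failed (error " . intval($upload['error']) . ")";
        } else {
            $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
            // Only letters, digits, '_' and '-' survive in the name parts. This removes
            // path separators and collapses inner dots, so the stored file has exactly
            // one extension and it is one from the allow-list.
            $stem      = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($upload['name'], PATHINFO_FILENAME));
            $monthPart = preg_replace('/[^A-Za-z0-9_-]+/', '_', $month);

            if (!in_array($ext, $allowedExt, true)) {
                $uploadError = "Only GIF, PNG, JPG, JPEG, BMP and PDF files are accepted";
            } elseif ($upload['size'] >= $maxBytes) {
                $uploadError = "The uploaded file is too large";
            } else {
                // Check the detected content type when the fileinfo extension is available.
                if (function_exists('finfo_open')) {
                    $finfo = finfo_open(FILEINFO_MIME_TYPE);
                    if ($finfo) {
                        $mime = finfo_file($finfo, $upload['tmp_name']);
                        finfo_close($finfo);
                        if ($mime !== false && !in_array($mime, $allowedMime, true)) {
                            $uploadError = "The uploaded file is not a valid image or PDF";
                        }
                    }
                }
                if ($uploadError === '') {
                    $target = $uploadDir . time() . "-" . $monthPart . $stem . "." . $ext;
                    if (move_uploaded_file($upload['tmp_name'], $target)) {
                        $attandance = $target;
                    } else {
                        $uploadError = "The uploaded file could not be stored";
                    }
                }
            }
        }

        if ($uploadError !== '') {
            // No row is written when there is no stored file to point at.
            $msg = "<font color='red'>" . htmlspecialchars($uploadError, ENT_QUOTES, 'UTF-8') . "</font>";
        } else {
            // These variables are not assigned anywhere in this file. They are taken as
            // set only if something else (presumably connection.php - TODO confirm)
            // defines them; otherwise they are stored as empty strings.
            $opt = array();
            foreach (array('file1', 'pay_remark', 'paydate', 'sdate', 'Dispatch_mode', 'carier_name',
                           'Mobile_no', 'tracking_id', 'Dispatch_date', 'Dispatch_remark', 'Delivery_date',
                           'Delivery_remark', 'text1', 'text3', 'text4', 'text5', 'text6', 'text7') as $name) {
                $opt[$name] = isset($$name) ? $$name : '';
            }

            // Column => value, in the original column order.
            $record = array(
                'idhealth'        => $hvalue,
                'department'      => $dept,
                'scheme'          => $sche,
                'hospital'        => $hos,
                'district'        => $district,
                'month'           => $month,
                'att_month'       => $att_month,
                'att_year'        => $att_year,
                'attandance'      => $attandance,
                'attformdate'     => $filedate,
                'bill'            => $bill,
                'billformdate'    => $opt['file1'],
                'payment'         => $pfile,
                'pay_remark'      => $opt['pay_remark'],
                'payformdate'     => $opt['paydate'],
                'salary'          => $sfile,
                'salformdate'     => $opt['sdate'],
                'feedback'        => $feedback,
                'remark'          => $remark,
                'totemp'          => $totempwork,
                'totempatt'       => $totempatt,
                'Dispatch_mode'   => $opt['Dispatch_mode'],
                'carier_name'     => $opt['carier_name'],
                'Mobile_no'       => $opt['Mobile_no'],
                'tracking_id'     => $opt['tracking_id'],
                'Dispatch_date'   => $opt['Dispatch_date'],
                'Dispatch_remark' => $opt['Dispatch_remark'],
                'Delivery_date'   => $opt['Delivery_date'],
                'Delivery_remark' => $opt['Delivery_remark'],
                'text1'           => $opt['text1'],
                'text2'           => $Division,
                'text3'           => $opt['text3'],
                'text4'           => $opt['text4'],
                'text5'           => $opt['text5'],
                'text6'           => $opt['text6'],
                'text7'           => $opt['text7'],
            );
            $values = array();
            foreach ($record as $value) {
                $values[] = "'" . mysql_real_escape_string((string) $value) . "'";
            }
            $insert = "insert into health(" . implode(',', array_keys($record)) . ") values (" . implode(',', $values) . ")";

            if ($sql = mysql_query($insert)) {
                echo "<script>";
                echo "location.href='admin_attreport.php'";
                echo "</script>";
                $msg = "<font color='navy'>Record saved</font>";
            } else {
                // The failed statement and the driver error go to the log, not the page:
                // echoing them exposed the schema and reflected request data as HTML.
                error_log("health insert failed: " . mysql_error());
                $msg = "ALready exist in record";
            }
        }
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Payroll</title>
<link href="css/bootstrap.css" rel='stylesheet'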
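type='text/css'/>
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="js/jquery.min.js"></script>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="keywords" content="Payroll Responsive web template, Bootstrap Web Templates, Flat Web Templates, Andriod Compatible web template, Smartphone Compatible web template, free webdesigns for Nokia, Samsung, LG, SonyErricsson, Motorola web design" />
<script type="application/x-javascript"> addEventListener("load", function() { setTimeout(hideURLbar, 0); }, false); function hideURLbar(){ window.scrollTo(0,1); } </script>
<link rel="stylesheet" href="css/flexslider.css" type="text/css" media="screen" />
<link href="css/style.css" rel="stylesheet" type="text/css" media="all" />
<!---- start-smoth-scrolling---->
<script type="text/javascript" src="js/move-top.js"></script>
<script type="text/javascript" src="js/easing.js"></script>
<script src="js/jquery.easydropdown.js"></script>
<script src="js/cbpViewModeSwitch.js" type="text/javascript"></script>
<script>
/*
 * Pre-submit check of the chosen attendance file: extension and size, then
 * an image preview into #blah. This runs in the browser and can be skipped
 * or altered by the client, so it is a usability aid only; the server-side
 * upload handler has to enforce the same rules.
 */
function ValidateFileUpload() {
    var fuData = document.getElementById('attandance');
    var FileUploadPath = fuData.value;

    if (FileUploadPath == '') {
        alert("Please upload an image");
        return;
    }

    // Accepted extensions, compared in lower case.
    var allowed = { gif: 1, png: 1, bmp: 1, jpeg: 1, jpg: 1, pdf: 1 };
    var Extension = FileUploadPath.substring(FileUploadPath.lastIndexOf('.') + 1).toLowerCase();

    if (!allowed.hasOwnProperty(Extension)) {
        // The message now names PDF as well, matching the list that is actually accepted.
        alert("Photo only allows file types of GIF, PNG, JPG, JPEG, BMP and PDF. ");
        fuData.value = "";
        fuData.focus();
        return;
    }

    if (!(fuData.files && fuData.files[0])) {
        return;
    }

    if (fuData.files[0].size >= 1024000) {
        alert("Maximum file 918 Kb width (1000 pixel) * height (1000pixel)");
        fuData.value = "";
        fuData.focus();
        return;
    }

    var reader = new FileReader();
    reader.onload = function(e) {
        $('#blah').attr('src', e.target.result);
    };
    reader.readAsDataURL(fuData.files[0]);
}
</script>
<script>
/*
 * Fetch `url` with GET and place the response body into the element with id
 * `targetId`. Each call owns its request object; the previous code shared one
 * implicit global, so two overlapping lookups could read each other's state.
 * The response is inserted as HTML, so the data*.php endpoints must escape
 * anything they echo that came from a request or from the database.
 */
function payrollLoadInto(url, targetId) {
    var xhr;
    if (window.XMLHttpRequest) {
        // code for IE7+, Firefox, Chrome, Opera, Safari
        xhr = new XMLHttpRequest();
    } else {
        // code for IE6, IE5
        xhr = new ActiveXObject("Microsoft.XMLHTTP");
    }
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            document.getElementById(targetId).innerHTML = xhr.responseText;
        }
    };
    xhr.open("GET", url, true);
    xhr.send();
}

/* Department changed: reload the scheme field (#ss1). */
function showUser(str) {
    if (str == "") {
        document.getElementById("ss1").innerHTML = "";
        return;
    }
    // Values are URL-encoded so '&', '#', '+' and spaces reach the server intact.
    payrollLoadInto("data.php?na=" + encodeURIComponent(str), "ss1");
}

/* Reload the division list (#divi22). */
function showUser0(str0) {
    if (str0 == "") {
        document.getElementById("divi22").innerHTML = "";
        return;
    }
    payrollLoadInto("data0.php?na1=" + encodeURIComponent(str0), "divi22");
}

/* Reload the district list (#dist22); the current scheme is sent along as na4. */
function showUser1(str1) {
    var a = document.getElementById("scheme").value;
    if (str1 == "") {
        document.getElementById("dist22").innerHTML = "";
        return;
    }
    payrollLoadInto("data1.php?na1=" + encodeURIComponent(str1) + "&na4=" + encodeURIComponent(a), "dist22");
}

/* Reload #div1; the current scheme is sent along as na4. */
function showUser2(str2) {
    var a = document.getElementById("scheme").value;
    if (str2 == "") {
        document.getElementById("div1").innerHTML = "";
        return;
    }
    payrollLoadInto("data2.php?na2=" + encodeURIComponent(str2) + "&na4=" + encodeURIComponent(a), "div1");
}

//SCANNER
/* Month changed: reload #month1. */
function showmonth(s2) {
    if (s2 == "") {
        document.getElementById("month1").innerHTML = "";
        return;
    }
    payrollLoadInto("datamonth.php?na2=" + encodeURIComponent(s2), "month1");
}
</script>
</head>
<body>
<div class="header">
    <div class="container">
        <div class="logo">
            <a href="../index.html"><img src="images/logo.png" alt=""/></a>
        </div>
        <div class="top-menu">
            <span class="menu"> </span>
        </div>
        <div id="sb-search" class="sb-search">
            <h4 align="right"><a href="logout.php"><img src="images/logout.jpg"></a></h4>
        </div>
        <!-- search-scripts -->
        <script src="js/classie.js"></script>
        <script src="js/uisearch.js"></script>
        <!-- //search-scripts -->
        <div class="clearfix"></div>
    </div>
    <div class="clearfix"></div>
</div>
<!-- header-section-ends -->
<div class="content">
<br>
<div class="good-design">
<h3>ATTENDANCE</h3>
<form method="POST" enctype="multipart/form-data">
<table style="border:1px solid black;width:35%;" class="form" cellpadding="2px" align="center" >
<tr><td colspan="2" style="border:1px solid black;background-color:#2A5CAA;color:white" align="center"><b>UPLOAD ATTENDANCE</b></td></tr>
<marquee behavior="alternate"><font color="red" size="+1"><b>कृपया Upload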
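की जाने वाली File के नाम में किसी भी प्रकार के Special Character (`!@#$%^&amp;*()_+=-;',./":&lt;&gt;?][}{\|) का इस्तेमाल न करें | अन्यथा Attendance मान्य नहीं होगी | </b></font></marquee>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Department</font></strong></td>
    <td><select name="dept" style="height:32px;width:250px;" required="required" onChange="showUser(this.value)">
        <option value=""></option>
        <?php
        // Department list. Driver errors are logged rather than printed to the page.
        $sql = mysql_query("SELECT distinct department FROM login");
        if ($sql === false) {
            error_log("department list query failed: " . mysql_error());
            die("Unable to load departments");
        }
        while ($r = mysql_fetch_array($sql)) {
            // Database text is escaped before it is written into markup.
            $department = htmlspecialchars((string) $r['department'], ENT_QUOTES, 'UTF-8');
        ?>
        <option value="<?php echo $department;?>"><?php echo $department;?></option>
        <?php } ?>
    </select></td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Scheme</font></strong></td>
    <td><div id="ss1"><input class="inp-text" name="scheme" id="scheme" required type="text" size="30" style="width:250px;height:30px;text-transform:uppercase;color:black;" /></div></td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Division</font></strong></td>
    <td><div id="divi22"><select name="division" id="division" style="height:32px;width:250px;" title="division is requried" placeholder="division" required="required">
        <option value=""></option>
    </select>
    </div>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">District</font></strong></td>
    <td><div id="dist22"><select name="district1" id="district1" style="height:32px;width:250px;" title="District1 is requried" placeholder="District1" required="required">
        <option value=""></option>
    </select>
    </div>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"></td>
    <td>
        <div id="div1"> </div>
        <div id="month1"> </div>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Month</font></strong></td>
    <td><select name="month" id="month" required="required" type="text" style="width:250px;height:30px;text-transform:uppercase;color:black;" onChange="showmonth(this.value)">
        <option value=""></option>
        <?php
        // Month list, newest first by MonthOrder.
        $sql = mysql_query("SELECT m.DB_MonthName, m.Display_Name FROM monthorder m order by m.MonthOrder DESC") or die("Error in qurey");
        while ($r = mysql_fetch_array($sql)) {
            $monthName = htmlspecialchars((string) $r['DB_MonthName'], ENT_QUOTES, 'UTF-8');
        ?>
        <option value="<?php echo $monthName;?>"><?php echo $monthName;?></option>
        <?php } ?>
    </select>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Upload File (only 1024 kb)</font></strong></td>
    <!-- The onChange check is a convenience for the user; the server must validate the upload itself. -->
    <td align="center"><input name="attandance" id="attandance" required onChange="return ValidateFileUpload()" type="file" size="30" style="width:250px;height:30px;text-transform:uppercase;color:black;" /></td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Feedback</font></strong></td>
    <td align="center"><select name="feedback" id="feedback" required="required" style="width:250px;height:30px;text-transform:uppercase;color:black;" >
        <option value=""></option>
        <option value="SATISFIED">SATISFIED</option>
        <option value="NOT SATISFIED">NOT SATISFIED</option>
    </select>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Remark</font></strong></td>
    <td align="center">
        <input name="remark" id="remark" type="text" style="width:250px;height:30px;text-transform:uppercase;color:black;" />
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Total Employee Working</font></strong></td>
    <td align="center"><select name="totempwork" id="totempwork" required="required" style="width:250px;height:30px;text-transform:uppercase;color:black;" >
        <option value=""></option>
        <script type="text/javascript">for(var j=1;j<500;j++)document.write("<option value="+j+">"+j+"</option>"); </script>
    </select>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="right"><strong><font color="navy">Total Employee Attendance</font></strong></td>
    <td align="center"><select name="totempatt" id="totempatt" required="required" style="width:250px;height:30px;text-transform:uppercase;color:black;" >
        <option value=""></option>
        <script type="text/javascript">for(var j=1;j<500;j++)document.write("<option value="+j+">"+j+"</option>"); </script>
    </select>
    </td>
</tr>
<tr><td colspan="2"><br></td></tr>
<tr>
    <td align="center" colspan="2">
        <table style="width:20%;"><tr><td>
            <input class="send_btn" name="submit" type="submit" value="Submit" alt="Submit" title="Submit" style="font-weight:bold;width:100px;height:30px;background-color:#2A5CAA;color:white;"/></td>
            <td>
                <a href="admin_attreport.php"><input type="button" name="" value="Back" style="font-weight:bold;width:100px;height:30px;background-color:#2A5CAA;color:white;"></a>
            </td>
            <td>
                <a href="page2.php"><input type="button" name="" value="Home" style="font-weight:bold;width:130px;height:30px;background-color:#2A5CAA;color:white;"></a>
            </td>
        </tr></table></td>
</tr>
</table>
<br>
<?php
/* $msg is written out as HTML. The handler that builds it must HTML-escape
   every request- or database-derived value it places in the string and must
   not include SQL text or driver errors. */
echo $msg;
?>
</div><br><br><br>
</form>
<div class="footer">
    <div class="container">
        <div class="clearfix"></div>
        <div class="footer-bottom">
            <p>© 2016 | Design by<a href="http://ramaipl.com/"> Rama Infotech Pvt Ltd</a> || For Updated View Press Ctrl+F5 </p>
        </div>
        <script type="text/javascript">
        $(document).ready(function() {
            /*
            var defaults = {
                containerID: 'toTop', // fading element id
                containerHoverID: 'toTopHover', // fading element hover id
                scrollSpeed: 1200,
                easingType: 'linear'
            };
            */
            $().UItoTop({ easingType: 'easeOutQuart' });
        });
        </script>
        <a href="#" id="toTop" style="display: block;"> <span id="toTopHover" style="opacity: 1;"> </span></a>
    </div>
</div>
</body>
</html>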