Current File : /var/www/html/rsdgroup/adminPanel/write_category.php
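<?php
/**
 * Admin handler that inserts or updates one row of `tblCategory` and stores
 * the optional category image and banner image, then redirects to the
 * category list.
 *
 * Request fields read: mode ("Edit" updates the row whose Category_Id is `id`,
 * anything else inserts), Category_Name, Category_Key (insert only, optional),
 * Species_Id, Tag_Line, Category_Description, Benefits_Usage,
 * OrderOfApperance, status, Page_title, Meta_keyword, Meta_description.
 * Uploaded files read: image, banner_image.
 *
 * NOTE(review): access control is presumably enforced by session.php; confirm
 * that it rejects unauthenticated requests before this code runs, and that a
 * CSRF token is checked somewhere, since none is checked here.
 */
include_once("session.php");
include_once("settings.php");

// Read each expected field by name. Copying every request key into a variable
// of the same name would let a request overwrite any variable already in
// scope, including whatever the two included files set up.
$field = static function (string $name): string {
    $value = $_REQUEST[$name] ?? '';

    return is_string($value) ? $value : '';
};

// Every value that reaches SQL goes through this exactly once.
// NOTE(review): the mysql_* extension was removed in PHP 7, so these calls
// presumably resolve to a compatibility layer loaded by settings.php. Moving
// to mysqli/PDO prepared statements is the durable fix.
// NOTE(review): Tag_Line used to be escaped twice (addslashes() and then
// mysql_real_escape_string()), which stored literal backslashes; confirm no
// reader depends on stripping them.
$esc = static function (string $value): string {
    return mysql_real_escape_string($value);
};

// Image formats accepted for upload, mapped to the extension we store.
$allowedImageTypes = [
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_PNG  => 'png',
    IMAGETYPE_GIF  => 'gif',
    IMAGETYPE_WEBP => 'webp',
];

/**
 * Validate and store one uploaded image.
 *
 * Returns the stored file name, or null when nothing was uploaded or the
 * upload was rejected. The extension is taken from the detected image type,
 * never from the client-supplied name, and the rest of the name is reduced to
 * [A-Za-z0-9_-] so it cannot carry a second extension or a path.
 *
 * The content check alone is not a complete defence: the upload directories
 * should also be configured so the web server never executes scripts in them.
 */
$storeUpload = static function (string $fieldName, string $targetDir, string $prefix) use ($allowedImageTypes): ?string {
    $upload = $_FILES[$fieldName] ?? null;
    if (!is_array($upload) || !is_string($upload['name'] ?? null) || $upload['name'] === '') {
        return null;
    }
    if (($upload['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    $tmpName = $upload['tmp_name'] ?? null;
    if (!is_string($tmpName) || !is_uploaded_file($tmpName)) {
        return null;
    }

    $info = getimagesize($tmpName);
    $type = is_array($info) ? $info[2] : null;
    if ($type === null || !isset($allowedImageTypes[$type])) {
        return null;
    }

    $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($upload['name'], PATHINFO_FILENAME));
    $storedName = $prefix . $stem . '.' . $allowedImageTypes[$type];
    $destination = $targetDir . $storedName;

    if (!move_uploaded_file($tmpName, $destination)) {
        return null;
    }
    // Readable by the web server, writable only by the owner, never executable.
    chmod($destination, 0644);

    return $storedName;
};

$isEdit = $field('mode') === 'Edit';
$categoryName = $field('Category_Name');
$prefix = (string) time();

// Edit always derives the key from the name. Insert keeps a posted
// Category_Key when there is one and otherwise derives it the same way, so a
// new row no longer ends up with an empty key.
$postedKey = $field('Category_Key');
$categoryKey = (!$isEdit && $postedKey !== '')
    ? $postedKey
    : (string) sanitize_data($categoryName);

$uploadImage = $storeUpload('image', '../cat_images/catBg/', $prefix);
$uploadBannerImage = $storeUpload('banner_image', '../cat_images/catBannerImage/', $prefix);

$columns = [
    'Category_Name'        => $categoryName,
    'category_key'         => $categoryKey,
    'Species_Id'           => $field('Species_Id'),
    'Tag_Line'             => $field('Tag_Line'),
    'Category_Description' => $field('Category_Description'),
    'Benefits_Usage'       => $field('Benefits_Usage'),
    'OrderOfApperance'     => $field('OrderOfApperance'),
    'status'               => $field('status'),
    'Page_title'           => $field('Page_title'),
    'Meta_keyword'         => $field('Meta_keyword'),
    'Meta_description'     => $field('Meta_description'),
];

if ($isEdit) {
    // Touch an image column only when a new file was actually stored, so a
    // failed or rejected upload no longer blanks the existing image.
    if ($uploadImage !== null) {
        $columns['Category_Image'] = $uploadImage;
    }
    if ($uploadBannerImage !== null) {
        $columns['banner_image'] = $uploadBannerImage;
    }

    $assignments = [];
    foreach ($columns as $column => $value) {
        $assignments[] = "`{$column}`='" . $esc($value) . "'";
    }
    // One UPDATE replaces the previous three overlapping ones.
    $sql = "update `tblCategory` set " . implode(',', $assignments)
        . " where `Category_Id`='" . $esc($field('id')) . "'";
} else {
    $columns['Category_Image'] = $uploadImage ?? '';
    $columns['banner_image'] = $uploadBannerImage ?? '';

    $names = [];
    $values = [];
    foreach ($columns as $column => $value) {
        $names[] = "`{$column}`";
        $values[] = "'" . $esc($value) . "'";
    }
    $sql = "insert into `tblCategory` (" . implode(',', $names) . ") values (" . implode(',', $values) . ")";
}

$result = mysql_query($sql);
if ($result === false) {
    // Keep database error text in the server log; it describes the schema and
    // the query and should not be shown to the browser.
    error_log('write_category.php: query failed: ' . mysql_error());
    exit('Unable to save the category.');
}

?>
<script>
document.location="category_list.php?page=listcategory"
</script>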
