Current File : /var/www/html/rsdgroup/adminPanel/write_home_banner.php
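<?php
/**
 * Admin handler: create or update a home-page banner row and store its image.
 *
 * Input (POST): title, first_linetext, Second_linetext, status, id (Edit only)
 * and the uploaded file field "image". $_REQUEST['mode'] === "Edit" selects the
 * update path; any other value inserts a new row. On success the browser is
 * redirected to the banner list by the <script> block at the end of the file.
 *
 * NOTE(review): access control is presumably enforced inside session.php --
 * confirm it rejects unauthenticated requests before this code runs. No
 * anti-CSRF token is checked in this file, and "mode" is read from $_REQUEST,
 * so the write is not restricted to POST.
 *
 * NOTE(review): the mysql_* API was removed from PHP in 7.0, so this file
 * depends on a compatibility layer (presumably loaded by settings.php).
 * Escaping is used below because the connection handle is not visible here;
 * prepared statements via mysqli/PDO are the preferred long-term fix.
 */
include_once("session.php");
include_once("settings.php");

// The original copied every $_REQUEST key into a same-named global
// ($$key = $value). That lets request parameters overwrite any variable already
// set by session.php/settings.php or used below, so it is removed; every input
// this script needs is read explicitly.

$upload_dir = "../cat_images/homeBanner/";
$prefix = time();
$date = date("Y-m-d H:i:s");
$mode = isset($_REQUEST['mode']) ? $_REQUEST['mode'] : '';

// All request- and session-derived values are escaped before being placed in
// SQL. mysql_real_escape_string() needs the open connection that the original
// mysql_query() calls already relied on.
$title            = mysql_real_escape_string(isset($_POST['title']) ? (string) $_POST['title'] : '');
$first_line_text  = mysql_real_escape_string(isset($_POST['first_linetext']) ? (string) $_POST['first_linetext'] : '');
$Second_line_text = mysql_real_escape_string(isset($_POST['Second_linetext']) ? (string) $_POST['Second_linetext'] : '');
$status           = mysql_real_escape_string(isset($_POST['status']) ? (string) $_POST['status'] : '');
$id               = mysql_real_escape_string(isset($_POST['id']) ? (string) $_POST['id'] : '');
$session_name     = mysql_real_escape_string(isset($_SESSION['username']) ? (string) $_SESSION['username'] : '');

// ---- Upload handling -------------------------------------------------------
// Only files that carry an allowed image extension AND parse as an image are
// stored. The stored name is rebuilt from a sanitised stem plus the validated
// extension, so the client-supplied name cannot introduce extra dots, path
// separators or a second extension. This is defence in depth: the upload
// directory should also be configured so the web server never executes
// scripts from it.
$allowed_ext = ['jpg', 'jpeg', 'png', 'gif'];
$upload_image = '';
$new_image_stored = false;
$file_supplied = isset($_FILES['image']['name']) && $_FILES['image']['name'] != "";

if ($file_supplied) {
    $upload_ok = isset($_FILES['image']['error']) && $_FILES['image']['error'] === UPLOAD_ERR_OK;
    $client_name = basename((string) $_FILES['image']['name']);
    $ext = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));
    $stem = preg_replace('/[^A-Za-z0-9_-]/', '', pathinfo($client_name, PATHINFO_FILENAME));

    // getimagesize() warns on non-image data; a false result is the signal used here.
    if ($upload_ok
        && in_array($ext, $allowed_ext, true)
        && @getimagesize($_FILES['image']['tmp_name']) !== false
    ) {
        $candidate = $prefix . $stem . '.' . $ext;
        $target_path = $upload_dir . $candidate;
        if (move_uploaded_file($_FILES['image']['tmp_name'], $target_path)) {
            // Readable by the web server, not world-writable (was 0777).
            chmod($target_path, 0644);
            $upload_image = $candidate;
            $new_image_stored = true;
        }
    }

    if (!$new_image_stored) {
        // Refuse the request rather than writing a row with a missing image.
        die("Invalid image upload");
    }
}

//           EDIT code
if ($mode === "Edit") {

    $query = mysql_query("select * from tbl_home_banner where id = '" . $id . "'");
    $rows = $query ? mysql_fetch_assoc($query) : false;
    if (!$rows) {
        die("Banner not found");
    }

    if ($new_image_stored) {
        // Delete the previous image only after the replacement is in place
        // (the original unlinked first and lost the image if the move failed).
        // basename() keeps the stored value from reaching outside $upload_dir.
        if ($rows['image'] != "" && $rows['image'] !== $upload_image) {
            @unlink($upload_dir . basename($rows['image']));
        }
    } else {
        $upload_image = $rows['image'];
    }

    $image_sql = mysql_real_escape_string($upload_image);

    // NOTE(review): the update also rewrites Created_at / Created_by, as the
    // original did -- confirm whether creation metadata is meant to change on edit.
    $sql = "update tbl_home_banner set title = '" . $title . "',first_line_text = '" . $first_line_text . "',Second_line_text = '" . $Second_line_text . "',image = '" . $image_sql . "',Status = '" . $status . "',Created_at = '" . $date . "',Created_by = '" . $session_name . "',updated_at = '" . $date . "',updated_by = '" . $session_name . "' where id = '" . $id . "'";

} else {

    $image_sql = mysql_real_escape_string($upload_image);
    $sql = "insert into tbl_home_banner (title,image,first_line_text,Second_line_text,Status,Created_at,Created_by,updated_at,updated_by) VALUES ('$title','$image_sql', '$first_line_text','$Second_line_text','$status','$date','$session_name','$date','$session_name')";

}

$result = mysql_query($sql);
if (!$result) {
    // Keep database error details in the server log instead of the response.
    error_log("write_home_banner: " . mysql_error());
    die("Database error");
}
?>

<script>
    document.location = "banner_home_list.php?page=listhomeBanner";
</script>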
