Current File : /var/www/html/rsdgroup/writeComplaint.php
<?php
include_once("conf/settings.php");
include_once("conf/func.php");

/*echo "<pre>";
print_r($_REQUEST);
echo "</pre>";*/

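// Copy only the request fields this script consumes into local variables.
// Importing every key of $_REQUEST (the former `$$key = $value` loop) lets a
// request define or overwrite any variable in scope: whatever the included
// conf/ files may have set, and the SQL fragment variables further down that
// are appended to without being initialised.
$scalarFields = array('requestType', 'custName', 'custEmail', 'custPhone', 'custAddress', 'brandId', 'remarks');
$listFields   = array('suggestions', 'suggestionType', 'category');

foreach ($scalarFields as $field) {
	// Single-value fields: accept scalars only, so the escaping calls below
	// always receive a string (or null when the field is absent).
	$$field = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field]))
		? (string) $_REQUEST[$field]
		: null;
}
foreach ($listFields as $field) {
	// Multi-value fields: must be arrays of scalars; anything else becomes an
	// empty list so count()/foreach below behave predictably.
	$$field = (isset($_REQUEST[$field]) && is_array($_REQUEST[$field]))
		? array_values(array_filter($_REQUEST[$field], 'is_scalar'))
		: array();
}
unset($scalarFields, $listFields, $field);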

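// Insert the complaint header row into tblComplaint and remember its id for
// the child-table inserts that follow.
// NOTE(review): the mysql_* API is not part of PHP 7+ itself; presumably the
// conf/ includes or an extension shim provide it. Confirm, and plan a move to
// prepared statements (mysqli or PDO) instead of escape-and-format.
// NOTE(review): sanitize_data() is defined outside this file; its behaviour is
// not visible here, so the escaping below is the only protection this block
// can vouch for.
$sql	=	sprintf("INSERT INTO 
			`tblComplaint`(
				`reqType`,
				`custName`,
				`custEmail`,
				`custPhone`,
				`custAddress`,
				`brandId`,
				`remarks`,
				`createdOn`)
			VALUES
				('%s','%s','%s','%s','%s','%s','%s',unix_timestamp())",
				// isset() replaces the former @ suppression: an absent field is passed as null.
				mysql_real_escape_string(sanitize_data(isset($requestType) ? $requestType : null)),
				mysql_real_escape_string(sanitize_data(isset($custName) ? $custName : null)),
				mysql_real_escape_string(sanitize_data(isset($custEmail) ? $custEmail : null)),
				mysql_real_escape_string(sanitize_data(isset($custPhone) ? $custPhone : null)),
				mysql_real_escape_string(sanitize_data(isset($custAddress) ? $custAddress : null)),
				mysql_real_escape_string(sanitize_data(isset($brandId) ? $brandId : null)),
				mysql_real_escape_string(sanitize_data(isset($remarks) ? $remarks : null))
				);
$result	=	mysql_query($sql);
if ($result === false) {
	// Keep the driver's error text in the server log. Printing it to the
	// client (the former `or die(mysql_error())`) discloses schema and query
	// details to whoever submitted the form.
	error_log('writeComplaint: tblComplaint insert failed: ' . mysql_error());
	echo '<script>document.location="customer_complaint.html?msg=err";</script>';
	exit;
}

// Cast so that only an integer is ever concatenated into the follow-up queries.
$lastId	=	(int) mysql_insert_id();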

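// Insert one tblComplaintSuggestions row per submitted suggestion, all in a
// single multi-row INSERT tied to the complaint created above.
// count() is only applied to a real array: the field may be absent or scalar.
$suggestionList = (isset($suggestions) && is_array($suggestions)) ? $suggestions : array();
if (count($suggestionList) > 0) {
	$complaintId = (int) $lastId;
	// Build the VALUES tuples in a fresh array. The previous code appended to
	// $sql1 without initialising it, so its starting value could come from the
	// request-import loop at the top of the script and reach the query unescaped.
	$rows = array();
	foreach ($suggestionList as $val) {
		if (!is_scalar($val)) {
			continue; // nested arrays cannot be escaped as a string value
		}
		$rows[] = "(" . $complaintId . ", '" . mysql_real_escape_string($val) . "')";
	}
	if (count($rows) > 0) {
		$query = "INSERT INTO `tblComplaintSuggestions` (`complaintId`, `suggestions`) VALUES " . implode(",", $rows);
		$result = mysql_query($query);
		if ($result === false) {
			// Log the driver error server-side instead of printing it to the client.
			error_log('writeComplaint: tblComplaintSuggestions insert failed: ' . mysql_error());
			echo '<script>document.location="customer_complaint.html?msg=err";</script>';
			exit;
		}
	}
}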


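// Insert one tblComplaintSuggestionType row per submitted suggestion type,
// all in a single multi-row INSERT tied to the complaint created above.
// count() is only applied to a real array: the field may be absent or scalar.
$suggestionTypeList = (isset($suggestionType) && is_array($suggestionType)) ? $suggestionType : array();
if (count($suggestionTypeList) > 0) {
	$complaintId = (int) $lastId;
	// Build the VALUES tuples in a fresh array. The previous code appended to
	// $sqlType1 without initialising it, so its starting value could come from
	// the request-import loop at the top of the script and reach the query
	// unescaped.
	$rows = array();
	foreach ($suggestionTypeList as $val) {
		if (!is_scalar($val)) {
			continue; // nested arrays cannot be escaped as a string value
		}
		$rows[] = "(" . $complaintId . ", '" . mysql_real_escape_string($val) . "')";
	}
	if (count($rows) > 0) {
		$query = "INSERT INTO `tblComplaintSuggestionType` (`complaintId`, `suggestionType`) VALUES " . implode(",", $rows);
		$result = mysql_query($query);
		if ($result === false) {
			// Log the driver error server-side instead of printing it to the client.
			error_log('writeComplaint: tblComplaintSuggestionType insert failed: ' . mysql_error());
			echo '<script>document.location="customer_complaint.html?msg=err";</script>';
			exit;
		}
	}
}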


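// Insert one tblComplaintProdCategory row per submitted product category,
// all in a single multi-row INSERT tied to the complaint created above.
// count() is only applied to a real array: the field may be absent or scalar.
$categoryList = (isset($category) && is_array($category)) ? $category : array();
if (count($categoryList) > 0) {
	$complaintId = (int) $lastId;
	// Build the VALUES tuples in a fresh array. The previous code appended to
	// $sqlCat1 without initialising it, so its starting value could come from
	// the request-import loop at the top of the script and reach the query
	// unescaped.
	$rows = array();
	foreach ($categoryList as $val) {
		if (!is_scalar($val)) {
			continue; // nested arrays cannot be escaped as a string value
		}
		$rows[] = "(" . $complaintId . ", '" . mysql_real_escape_string($val) . "')";
	}
	if (count($rows) > 0) {
		$query = "INSERT INTO `tblComplaintProdCategory` (`complaintId`, `prodCategory`) VALUES " . implode(",", $rows);
		$result = mysql_query($query);
		if ($result === false) {
			// Log the driver error server-side instead of printing it to the client.
			error_log('writeComplaint: tblComplaintProdCategory insert failed: ' . mysql_error());
			echo '<script>document.location="customer_complaint.html?msg=err";</script>';
			exit;
		}
	}
}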
?>
<?php
// Send the browser back to the complaint form with a status flag.
// $result is the return value of the most recent mysql_query() call above,
// so it reflects only the last insert that actually ran.
if ($result): ?>
<script>
	document.location="customer_complaint.html?msg=success";
</script>
<?php else: ?>
<script>
	document.location="customer_complaint.html?msg=err";
</script>
<?php endif;
?>
