403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/domains/technicrayong.ac.th/private_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/domains/technicrayong.ac.th/private_html//teach_up.php
<?php
include('connect.php'); 
$teach_ac1 =null;
$teach_ac2 =null;
$teach_ac3 =null;
$name_file2 =null;
$name_file3 =null;


	if(isset($_GET['teach_id'])){$teach_id=$_GET['teach_id'];}
	if(isset($_POST['teach_id'])){$teach_id=$_POST['teach_id'];}
	if(isset($_GET['teach_name'])){$teach_name=$_GET['teach_name'];}
	if(isset($_POST['teach_name'])){$teach_name=$_POST['teach_name'];}
	if(isset($_GET['teach_level'])){$teach_level=$_GET['teach_level'];}
	if(isset($_POST['teach_level'])){$teach_level=$_POST['teach_level'];}
	if(isset($_GET['dep_id'])){$dep_id=$_GET['dep_id'];}
	if(isset($_POST['dep_id'])){$dep_id=$_POST['dep_id'];}
	if(isset($_GET['teach_status'])){$teach_status=$_GET['teach_status'];}
	if(isset($_POST['teach_status'])){$teach_status=$_POST['teach_status'];}
	if(isset($_GET['teach_off'])){$teach_off=$_GET['teach_off'];}
	if(isset($_POST['teach_off'])){$teach_off=$_POST['teach_off'];}
	if(isset($_GET['teach_pic'])){$teach_pic=$_GET['teach_pic'];}
	if(isset($_POST['teach_pic'])){$teach_pic=$_POST['teach_pic'];}
	if(isset($_GET['teach_unit'])){$teach_unit=$_GET['teach_unit'];}
	if(isset($_POST['teach_unit'])){$teach_unit=$_POST['teach_unit'];}
	if(isset($_GET['teach_ac1'])){$teach_ac1=$_GET['teach_ac1'];}
	if(isset($_POST['teach_ac1'])){$teach_ac1=$_POST['teach_ac1'];}
	if(isset($_GET['teach_ac2'])){$teach_ac2=$_GET['teach_ac2'];}
	if(isset($_POST['teach_ac2'])){$teach_ac2=$_POST['teach_ac2'];}
	if(isset($_GET['teach_ac3'])){$teach_ac3=$_GET['teach_ac3'];}
	if(isset($_POST['teach_ac3'])){$teach_ac3=$_POST['teach_ac3'];}
	if(isset($_GET['usr_id'])){$usr_id=$_GET['usr_id'];}
	if(isset($_POST['usr_id'])){$usr_id=$_POST['usr_id'];}
	
	if($_POST){
	    if(isset($_FILES['upload'])){
	        $name_file =  $_FILES['upload']['name'];
	        $tmp_name =  $_FILES['upload']['tmp_name'];
	        $locate_img ="teacher/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file);
	    }
		if(isset($_FILES['upload1'])){
	        $name_file1 =  $_FILES['upload1']['name'];
	        $tmp_name =  $_FILES['upload1']['tmp_name'];
	        $locate_img ="pdf/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file1);
	    }
		if(isset($_FILES['upload2'])){
	        $name_file2 =  $_FILES['upload2']['name'];
	        $tmp_name =  $_FILES['upload2']['tmp_name'];
	        $locate_img ="pdf/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file2);
	    }
		if(isset($_FILES['upload3'])){
	        $name_file3 =  $_FILES['upload3']['name'];
	        $tmp_name =  $_FILES['upload3']['tmp_name'];
	        $locate_img ="pdf/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file3);
	    }
	}
	$count = strlen($name_file);
	$count1 = strlen($name_file1);
	if($count != 0 && $count1 == 0 ){
	$sqls = "UPDATE teacher SET teach_name='$teach_name',teach_level='$teach_level',dep_id ='$dep_id',
	teach_status ='$teach_status',teach_off ='$teach_off' ,teach_pic ='$name_file',
	teach_unit ='$teach_unit',teach_ac1 ='$teach_ac1' ,teach_ac2 ='$teach_ac2' ,teach_ac3 ='$teach_ac3'  
	WHERE teach_id='$teach_id'"; 
	$results=mysqli_query($conn,$sqls); 
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
	}elseif($count != 0 && $count1 != 0 ){
	$sqls = "UPDATE teacher SET teach_name='$teach_name',teach_level='$teach_level',dep_id ='$dep_id',
	teach_status ='$teach_status',teach_off ='$teach_off' ,teach_pic ='$name_file',
	teach_unit ='$teach_unit',teach_ac1 ='$name_file1' ,teach_ac2 ='$name_file2' ,teach_ac3 ='$name_file3' 
	WHERE teach_id='$teach_id'"; 
	$results=mysqli_query($conn,$sqls); 
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
	}elseif($count == 0 && $count1 == 0 ){
	$sqls = "UPDATE teacher SET teach_name='$teach_name',teach_level='$teach_level',dep_id ='$dep_id',
	teach_status ='$teach_status',teach_off ='$teach_off' ,teach_pic ='$teach_pic',
	teach_unit ='$teach_unit',teach_ac1 ='$teach_ac1' ,teach_ac2 ='$teach_ac2' ,teach_ac3 ='$teach_ac3'  
	WHERE teach_id='$teach_id'"; 
	$results=mysqli_query($conn,$sqls); 
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
	}elseif($count == 0 && $count1 != 0 ){
	$sqls = "UPDATE teacher SET teach_name='$teach_name',teach_level='$teach_level',dep_id ='$dep_id',
	teach_status ='$teach_status',teach_off ='$teach_off' ,teach_pic ='$teach_pic',
	teach_unit ='$teach_unit',teach_ac1 ='$name_file1' ,teach_ac2 ='$name_file2' ,teach_ac3 ='$name_file3' 
	WHERE teach_id='$teach_id'"; 
	$results=mysqli_query($conn,$sqls); 
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			
	}
	}
	?>

Youez - 2016 - github.com/yon3zu
LinuXploit