403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/domains/technicrayong.ac.th/public_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/domains/technicrayong.ac.th/public_html//Ed_regist_stu_s.php
<?php
include('connect.php'); 
	if(isset($_GET['stu_id'])){$stu_id=$_GET['stu_id'];}
	if(isset($_POST['stu_id'])){$stu_id=$_POST['stu_id'];}
	if(isset($_GET['stu_name'])){$stu_name=$_GET['stu_name'];}
	if(isset($_POST['stu_name'])){$stu_name=$_POST['stu_name'];}
	if(isset($_GET['stu_pic1'])){$stu_pic1=$_GET['stu_pic1'];}
	if(isset($_POST['stu_pic1'])){$stu_pic1=$_POST['stu_pic1'];}
	if(isset($_GET['stu_pic2'])){$stu_pic2=$_GET['stu_pic2'];}
	if(isset($_POST['stu_pic2'])){$stu_pic2=$_POST['stu_pic2'];}
	if(isset($_GET['stu_pic3'])){$stu_pic3=$_GET['stu_pic3'];}
	if(isset($_POST['stu_pic3'])){$stu_pic3=$_POST['stu_pic3'];}
	if(isset($_GET['stu_pic4'])){$stu_pic4=$_GET['stu_pic4'];}
	if(isset($_POST['stu_pic4'])){$stu_pic4=$_POST['stu_pic4'];}
	if(isset($_GET['stu_pic5'])){$stu_pic5=$_GET['stu_pic5'];}
	if(isset($_POST['stu_pic5'])){$stu_pic5=$_POST['stu_pic5'];}
	if(isset($_GET['usr_id'])){$usr_id=$_GET['usr_id'];}
	if(isset($_POST['usr_id'])){$usr_id=$_POST['usr_id'];}
	
	if($_POST){
	    if(isset($_FILES['upload1'])){
	        $name_file1 =  $_FILES['upload1']['name'];
	        $tmp_name =  $_FILES['upload1']['tmp_name'];
	        $locate_img ="student/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file1);
	    }
		if(isset($_FILES['upload2'])){
	        $name_file2 =  $_FILES['upload2']['name'];
	        $tmp_name =  $_FILES['upload2']['tmp_name'];
	        $locate_img ="student/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file2);
	    }
		if(isset($_FILES['upload3'])){
	        $name_file3 =  $_FILES['upload3']['name'];
	        $tmp_name =  $_FILES['upload3']['tmp_name'];
	        $locate_img ="student/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file3);
	    }
		if(isset($_FILES['upload4'])){
	        $name_file4 =  $_FILES['upload4']['name'];
	        $tmp_name =  $_FILES['upload4']['tmp_name'];
	        $locate_img ="student/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file4);
	    }
		if(isset($_FILES['upload5'])){
	        $name_file5 =  $_FILES['upload5']['name'];
	        $tmp_name =  $_FILES['upload5']['tmp_name'];
	        $locate_img ="student/";
	        move_uploaded_file($tmp_name,$locate_img.$name_file5);
	    }
	}
	$count1 = strlen($name_file1);
	$count2 = strlen($name_file2);
	$count3 = strlen($name_file3);
	$count4 = strlen($name_file4);
	$count5 = strlen($name_file5);
	
	if($count1 != '0'){
		$sqls = "UPDATE student SET stu_pic1='$name_file1' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count1 == '0'){
		$sqls = "UPDATE student SET stu_pic1='$stu_pic1' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count2 != '0'){
		$sqls = "UPDATE student SET stu_pic2='$name_file2' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count2 == '0'){
		$sqls = "UPDATE student SET stu_pic2='$stu_pic2' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count3 != '0'){
		$sqls = "UPDATE student SET stu_pic3='$name_file3' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count3 == '0'){
		$sqls = "UPDATE student SET stu_pic3='$stu_pic3' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count4 != '0'){
		$sqls = "UPDATE student SET stu_pic4='$name_file4' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count4 == '0'){
		$sqls = "UPDATE student SET stu_pic4='$stu_pic4' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count5 != '0'){
		$sqls = "UPDATE student SET stu_pic5='$name_file5' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}if($count5 == '0'){
		$sqls = "UPDATE student SET stu_pic5='$stu_pic5' WHERE stu_id='$stu_id'"; 
	$results=mysqli_query($conn,$sqls); 
	}
	$sql = "UPDATE student SET stu_name='$stu_name' WHERE stu_id='$stu_id'"; 
	$result=mysqli_query($conn,$sql); 
	if($result==1){
					echo "<script language=\"javascript\">";
					echo "alert(\"New Events has been successfully added.\")";
					echo "</script>";
					header("location:admin_page.php?usr_id=$usr_id");
			
			}
	
	?>

Youez - 2016 - github.com/yon3zu
LinuXploit