403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/domains/technicrayong.ac.th/public_html/rytc/newgen/manage/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/domains/technicrayong.ac.th/public_html/rytc/newgen/manage/check_insert.php
<?php


@session_start();
$date=$_POST["date"];
$month=$_POST["month"];
$year=$_POST["year"];
$news_type=$_POST["news_type"];
$topics=$_POST["topics"];
$details=$_POST["details"];
$image=$_POST["image-name"];
$file_pdf=$_POST["file_pdf-name"];
$link1=$_POST["link1"];
$img_pdf_ok = 1;

if(($image!="") && ($file_pdf!="")){
    $target_dir = "../assets/uploads/image/";
    $target_dir_pdf = "../assets/uploads/pdf/";
    $target_file = $target_dir . basename($_FILES["imgInp"]["name"]);
    $target_file_pdf = $target_dir_pdf . basename($_FILES["file_pdf"]["name"]);
    $uploadOk = 1;
    $imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
    $imageFileTypePdf = strtolower(pathinfo($target_file_pdf,PATHINFO_EXTENSION));
    if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["imgInp"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
    }
    if (file_exists($target_file)) {
        echo "Sorry, file already exists.";
        $img_pdf_ok = 2;
        $uploadOk = 0;
    }
    if (file_exists($target_file_pdf)) {
        echo "Sorry, file already exists.";
        $uploadOk = 0;
        $img_pdf_ok = 3;
    }
    if($imageFileTypePdf != "pdf") {
        echo "Sorry, only PDF files are allowed.";
        $uploadOk = 0;
        $img_pdf_ok = 4;
    }
    if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
    && $imageFileType != "gif" ) {
        echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
        $uploadOk = 0;
        $img_pdf_ok = 5;
    }
    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
    } else {
        if (move_uploaded_file($_FILES["imgInp"]["tmp_name"], $target_file)) {
        echo "The file ". htmlspecialchars( basename( $_FILES["imgInp"]["name"])). " has been uploaded.";
            if (move_uploaded_file($_FILES["file_pdf"]["tmp_name"], $target_file_pdf)) {
                echo "The file ". htmlspecialchars( basename( $_FILES["file_pdf"]["name"])). " has been uploaded.";
                $img_pdf_ok = 1;
            }
        } else {
        echo "Sorry, there was an error uploading your file.";
        }
    } 
}else if($file_pdf!=""){
    $target_dir = "../assets/uploads/pdf/";
    $target_file = $target_dir . basename($_FILES["file_pdf"]["name"]);
    $uploadOk = 1;
    $imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
    if (file_exists($target_file)) {
        echo "Sorry, file already exists.";
        $uploadOk = 0;
        $img_pdf_ok = 3;
    }
    if($imageFileType != "pdf") {
        echo "Sorry, only PDF files are allowed.";
        $uploadOk = 0;
        $img_pdf_ok = 4;
    }
    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
    } else {
        if (move_uploaded_file($_FILES["file_pdf"]["tmp_name"], $target_file)) {
        echo "The file ". htmlspecialchars( basename( $_FILES["file_pdf"]["name"])). " has been uploaded.";
        $img_pdf_ok = 1;
        } else {
        echo "Sorry, there was an error uploading your file.";
        }
    } 
}else if($image!=""){
    $target_dir = "../assets/uploads/image/";
    $target_file = $target_dir . basename($_FILES["imgInp"]["name"]);
    $uploadOk = 1;
    $imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
    if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["imgInp"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
    }
    if (file_exists($target_file)) {
        echo "Sorry, file already exists.";
        $img_pdf_ok = 2;
        $uploadOk = 0;
    }
    if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
    && $imageFileType != "gif" ) {
        echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
        $uploadOk = 0;
        $img_pdf_ok = 5;
    }
    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
    } else {
        if (move_uploaded_file($_FILES["imgInp"]["tmp_name"], $target_file)) {
        echo "The file ". htmlspecialchars( basename( $_FILES["imgInp"]["name"])). " has been uploaded.";
        $img_pdf_ok = 1;
        } else {
        echo "Sorry, there was an error uploading your file.";
        }
    } 
}

if($img_pdf_ok==2){
    ?>
    <script>alert("มีไฟล์รูปภาพนี้อยู่แล้ว")</script>
    <?php
    header("Refresh:1; url=main.php");
}else if($img_pdf_ok==3){
    ?>
    <script>alert("มีไฟล์นี้อยู่แล้ว")</script>
    <?php
    header("Refresh:1; url=main.php");
}else if($img_pdf_ok==4){
    ?>
    <script>alert("ไฟล์นี้ไม่ใช่ pdf")</script>
    <?php
    header("Refresh:1; url=main.php");
}else if($img_pdf_ok==5){
    ?>
    <script>alert("ไฟล์นี้ไม่ใช่รูปภาพ")</script>
    <?php
    header("Refresh:1; url=main.php");
}else if($img_pdf_ok==1){
    @include("assets/function/connectdb.php");
    $sql_insert="INSERT INTO `news_detail` (`news_detail_id`, `date`, `month`, `year`, `news_type`, `topics`, `image`, `details`, `files_pdf`, `link1`, `link2`, `link3`) 
    VALUES (NULL, '$date', '$month', '$year', '$news_type', '$topics', '$image', '$details', '$file_pdf', '$link1', '', '');";
    $sql_query_register=mysqli_query($conn,$sql_insert);
    ?>
    <script>alert("เพิ่มข้อมูลข่าวประชาสัมพันธ์เรียบร้อยแล้วครับ!!")</script>
    <?php
    header("Refresh:1; url=main.php");   
}
?>


Youez - 2016 - github.com/yon3zu
LinuXploit