403Webshell
Server IP : 27.254.66.5  /  Your IP : 216.73.217.39
Web Server : Apache/2
System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User : technic2 ( 1951)
PHP Version : 7.4.30
Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/technic2/public_html/old-website/vecsc/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/technic2/public_html/old-website/vecsc/save_register2.php.bak
<?php
Ob_start();
session_start();
//echo $_SESSION["counter"] . '<br>';
?>
<!doctype html>
<html lang="en">
 <head>
  <meta charset="UTF-8">
  <meta name="Generator" content="EditPlus®">
  <meta name="Author" content="">
  <meta name="Keywords" content="">
  <meta name="Description" content="">
  <!-- meta http-equiv="refresh" content="5; url=register1.php" -->
  <title>Document</title>
 </head>
 <body>

<?php

function cal_amount($position_id) {
	
	if ($position_id == 1)  {
		
		$amount = 300;
		return $amount;
	} else {

		$amount = 250;
		return $amount;
	}

    echo "$fname Refsnes.<br>";
}

echo $_POST['college_id'] . '<br>';
echo $_POST['tacsa_id'] . '<br>';
echo $_POST['level_id'] . '<br>';
echo '1' . ' ' . $_POST['position_id1'] . ' ' . $_POST['tname1'] . ' ' . $_POST['fname1'] . ' ' . $_POST['lname1'] . ' ' . $_POST['polo_size1'] . ' ' . cal_amount($_POST['position_id1']) . '<br>' ;

echo '2' . ' ' . $_POST['position_id2'] . ' ' . $_POST['tname2'] . ' ' . $_POST['fname2'] . ' ' . $_POST['lname2'] . ' ' . $_POST['polo_size2'] . ' ' . cal_amount($_POST['position_id2']) . '<br>' ;

echo '3' . ' ' . $_POST['position_id3'] . ' ' . $_POST['tname3'] . ' ' . $_POST['fname3'] . ' ' . $_POST['lname3'] . ' ' . $_POST['polo_size3'] . ' ' . cal_amount($_POST['position_id3']) . '<br>' ;

echo '4' . ' ' . $_POST['position_id4'] . ' ' . $_POST['tname4'] . ' ' . $_POST['fname4'] . ' ' . $_POST['lname4'] . ' ' . $_POST['polo_size4'] . ' ' . cal_amount($_POST['position_id4']) . '<br>' ;

echo '5' . ' ' . $_POST['position_id5'] . ' ' . $_POST['tname5'] . ' ' . $_POST['fname5'] . ' ' . $_POST['lname5'] . ' ' . $_POST['polo_size5'] . ' ' . cal_amount($_POST['position_id5']) . '<br>' ;

echo '6' . ' ' . $_POST['position_id6'] . ' ' . $_POST['tname6'] . ' ' . $_POST['fname6'] . ' ' . $_POST['lname6'] . ' ' . $_POST['polo_size6'] . ' ' . cal_amount($_POST['position_id6']) . '<br>' ;

echo '7' . ' ' . $_POST['position_id7'] . ' ' . $_POST['tname7'] . ' ' . $_POST['fname7'] . ' ' . $_POST['lname7'] . ' ' . $_POST['polo_size7'] . ' ' . cal_amount($_POST['position_id7']) . '<br>' ;

echo '8' . ' ' . $_POST['position_id8'] . ' ' . $_POST['tname8'] . ' ' . $_POST['fname8'] . ' ' . $_POST['lname8'] . ' ' . $_POST['polo_size8'] . ' ' . cal_amount($_POST['position_id8']) . '<br>' ;

echo $_POST['phone'] . '<br>';


if ($_POST['college_id'] <> '' and $_POST['tacsa_id'] <> '' and $_POST['level_id'] <> '' and $_SESSION["counter"] == 1) {

// Create connection
require_once('config.php');

// Check connection
if (!$conn) {
    die('Connection failed: ' . mysqli_connect_error());
}

mysqli_set_charset($conn,'utf8');

if ($_POST['position_id1'] <> '' and $_POST['tname1'] <> '' and $_POST['fname1'] <> '' and $_POST['lname1'] <> '' and $_POST['polo_size1'] <> '') {

	$sql1 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id1'] . "', '" . $_POST['tname1'] . "', '" . $_POST['fname1'] . "', '" . $_POST['lname1'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size1'] . "', '" . cal_amount($_POST['position_id1']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql1);

}

if ($_POST['position_id2'] <> '' and $_POST['tname2'] <> '' and $_POST['fname2'] <> '' and $_POST['lname2'] <> '' and $_POST['polo_size2'] <> '') {

	$sql2 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id2'] . "', '" . $_POST['tname2'] . "', '" . $_POST['fname2'] . "', '" . $_POST['lname2'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size2'] . "', '" . cal_amount($_POST['position_id2']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql2);

}

if ($_POST['position_id3'] <> '' and $_POST['tname3'] <> '' and $_POST['fname3'] <> '' and $_POST['lname3'] <> '' and $_POST['polo_size3'] <> '') {

	$sql3 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id3'] . "', '" . $_POST['tname3'] . "', '" . $_POST['fname3'] . "', '" . $_POST['lname3'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size3'] . "', '" . cal_amount($_POST['position_id3']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql3);

}

if ($_POST['position_id4'] <> '' and $_POST['tname4'] <> '' and $_POST['fname4'] <> '' and $_POST['lname4'] <> '' and $_POST['polo_size4'] <> '') {

	$sql4 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id4'] . "', '" . $_POST['tname4'] . "', '" . $_POST['fname4'] . "', '" . $_POST['lname4'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size4'] . "', '" . cal_amount($_POST['position_id4']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql4);

}

if ($_POST['position_id5'] <> '' and $_POST['tname5'] <> '' and $_POST['fname5'] <> '' and $_POST['lname5'] <> '' and $_POST['polo_size5'] <> '') {

	$sql5 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id5'] . "', '" . $_POST['tname5'] . "', '" . $_POST['fname5'] . "', '" . $_POST['lname5'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size5'] . "', '" . cal_amount($_POST['position_id5']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql5);

}

if ($_POST['position_id6'] <> '' and $_POST['tname6'] <> '' and $_POST['fname6'] <> '' and $_POST['lname6'] <> '' and $_POST['polo_size6'] <> '') {

	$sql6 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id6'] . "', '" . $_POST['tname6'] . "', '" . $_POST['fname6'] . "', '" . $_POST['lname6'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size6'] . "', '" . cal_amount($_POST['position_id6']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql6);

}

if ($_POST['position_id7'] <> '' and $_POST['tname7'] <> '' and $_POST['fname7'] <> '' and $_POST['lname7'] <> '' and $_POST['polo_size7'] <> '') {

	$sql7 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id7'] . "', '" . $_POST['tname7'] . "', '" . $_POST['fname7'] . "', '" . $_POST['lname7'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size7'] . "', '" . cal_amount($_POST['position_id7']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql7);

}

if ($_POST['position_id8'] <> '' and $_POST['tname8'] <> '' and $_POST['fname8'] <> '' and $_POST['lname8'] <> '' and $_POST['polo_size8'] <> '') {

	$sql8 = "INSERT INTO tacsa (position_id, tname, fname, lname, level, polo_size, amount, college_id, phone, timestamp) VALUES ('" . $_POST['position_id8'] . "', '" . $_POST['tname8'] . "', '" . $_POST['fname8'] . "', '" . $_POST['lname8'] . "', '" . $_POST['level_id'] . "', '" . $_POST['polo_size8'] . "', '" . cal_amount($_POST['position_id8']) . "', '" . $_POST['college_id'] . "','" . $_POST['phone'] . "', Now())";
	mysqli_query($conn, $sql8);

}

mysqli_close($conn);

echo '<center>' . 'บันทึกข้อมูลเรียบร้อยแล้ว' . '<br>';
echo 'กรุณาจำรหัส ' . $_POST['college_id'] . " สำหรับเข้าไปแก้ไขข้อมูล" . '</center>';
$_SESSION["counter"] = 0;

} else {

	echo '<center>' . 'ข้อมูลไม่ถูกต้อง กลับไปกรอกอีกครั้ง' . '</center>';


}



?>

<br>
<center>
<a href="./register2.php">กลับหน้าหลัก</a>
</center>
 </body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit