403Webshell
Server IP : 192.169.170.185  /  Your IP : 216.73.216.97
Web Server : Apache
System : Linux p3plmcpnl495852.prod.phx3.secureserver.net 4.18.0-553.52.1.lve.el8.x86_64 #1 SMP Wed May 21 15:31:29 UTC 2025 x86_64
User : akhilnew ( 1712764)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/akhilnew/public_html/datacomjournal.com/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/akhilnew/public_html/datacomjournal.com/admin/boardrequest.php
<?php
if($opt1 && $opt1 === 'add' && $opt2):
	$stmt = $mysqli->prepare("SELECT $firstcol, category, name, degree, post, content, email, phone, picture, resume, creation FROM $table WHERE $firstcol = ? LIMIT 1") or die($mysqli->error);
	$stmt->bind_param('i', $opt2);
	$stmt->execute();
	$stmt->store_result();
	$count_rows = $stmt->num_rows();
	$stmt->bind_result($id, $category, $name, $degree, $post, $content, $email, $phone, $picture, $resume, $creation);
	$stmt->fetch();
	$stmt->close();
	if($count_rows === 1):
		function categories(){
			global $mysqli;$html = '';
			$stmt = $mysqli->prepare("SELECT TRIM(category) FROM editors GROUP BY TRIM(category) ORDER BY TRIM(category) ASC") or die($mysqli->error);
			$stmt->execute();
			$stmt->store_result();
			$stmt->bind_result($category);
			while($stmt->fetch()):
				$html .= $category ? '<option value="'.$category.'">'.$category.'</option>' : '';
			endwhile;
			$stmt->close();
			return $html;
		}
		$categories = categories();
		function subcategories(){
			global $mysqli;$html = '';
			$stmt = $mysqli->prepare("SELECT TRIM(subcategory) FROM editors GROUP BY TRIM(subcategory) ORDER BY TRIM(subcategory) ASC") or die($mysqli->error);
			$stmt->execute();
			$stmt->store_result();
			$stmt->bind_result($subcategory);
			while($stmt->fetch()):
				$html .= $subcategory ? '<option value="'.$subcategory.'">'.$subcategory.'</option>' : '';
			endwhile;
			$stmt->close();
			return $html;
		}
		$subcategories = subcategories();
echo <<<EOJ
		<input type="hidden" name="dataid" value="{$id}" readonly />
		<div class="head">
			<button type="button" class="waves-effect btn-flat" onclick="history.back()"><i class="material-icons">keyboard_return</i></button>
			<button type="submit" class="waves-effect btn-flat blue accent-4 white-text">Submit</button>
			<div class="right">
			<button type="button" class="waves-effect btn-flat" onclick="window.open('{$uploadurl}{$page}/{$picture}')"><i class="material-icons left">file_download</i>Photo</button>
			<button type="button" class="waves-effect btn-flat" onclick="window.open('{$uploadurl}{$page}/{$resume}')"><i class="material-icons left">file_download</i>Resume</button>
			</div>
		</div>
		<div class="body">
			<div class="row">
				<div class="col s12 m3 l3">
					<label for="category">category<b class="red-text right">*</b></label>
					<input type="text" name="category" value="{$category}" id="category" />
				</div>
				<div class="col s12 m3 l3">
					<label for="categories">categories</label>
					<select name="categories" id="categories" class="browser-default" onchange="this.form.category.value=this.value;">
						<option value="" selected>Select category</potion>
						{$categories}
					</select>
				</div>
				<div class="col s12 m3 l3">
					<label for="subcategory">sub category</label>
					<input type="text" name="subcategory" value="{$subcategory}" id="subcategory" />
				</div>
				<div class="col s12 m3 l3">
					<label for="subcategories">sub categories</label>
					<select name="subcategories" id="subcategories" class="browser-default" onchange="this.form.subcategory.value=this.value;">
						<option value="" selected>Select sub category</potion>
						{$subcategories}
					</select>
				</div>
			</div>
			<div class="row">
				<div class="col s12 m4 l4">
					<label for="name">editor name<b class="red-text right">*</b></label>
					<input type="text" name="name" value="{$name}" id="name" />
				</div>
				<div class="col s12 m4 l4">
					<label for="degree">degree</label>
					<input type="text" name="degree" value="{$degree}" id="degree" />
				</div>
				<div class="col s12 m4 l4">
					<label for="post">post</label>
					<input type="text" name="post" value="{$post}" id="post" />
				</div>
			</div>
			<div class="row">
				<div class="col s12 m12 l12">
					<label for="content">content<b class="red-text right">*</b></label>
					<input type="text" name="content" value="{$content}" id="content" />
				</div>
			</div>
			<div class="row">
				<div class="col s12 m12 l6">
					<label for="email">email</label>
					<div class="flex">
						<input type="text" name="email" value="{$email}" id="email" />
						<label for="emailshow" class="chklab right"><input type="checkbox" name="emailshow" value="Y" id="emailshow" checked />show</label>
					</div>
				</div>
				<div class="col s12 m12 l6">
					<label for="phone">phone</label>
					<div class="flex">
						<input type="text" name="phone" value="{$phone}" class="phone" id="phone" />
						<label for="phoneshow" class="chklab right"><input type="checkbox" name="phoneshow" value="Y" id="phoneshow" checked />show</label>
					</div>
				</div>
			</div>
			<div class="row">
				<div class="col s12 m12 l12">
					<label for="send_email" class="chklab left"><input type="checkbox" name="send_email" value="Y" id="send_email" checked />send email</label>
					<label for="send_certificate" class="chklab left"><input type="checkbox" name="send_certificate" value="Y" id="send_certificate" onclick="if(this.checked)this.form.send_email.checked=true;" checked />send certificate</label>
					<label for="send_sms" class="chklab left"><input type="checkbox" name="send_sms" value="Y" id="send_sms" checked />send sms</label>
				</div>
			</div>
		</div>
EOJ;
	else:
		echo '<div>Invalid data selection.</div>';
	endif;
else:
	if($opt1 === 'search'):
		$stmt = $mysqli->prepare("SELECT * FROM $table WHERE (name LIKE ? OR degree LIKE ? OR post LIKE ? OR content LIKE ? OR email LIKE ? OR phone LIKE ?)") or die($mysqli->error);
		$stmt->bind_param('ssssss', $keyword, $keyword, $keyword, $keyword, $keyword, $keyword);
		$stmt->execute();
		$stmt->store_result();
		$total_rows = $stmt->num_rows();
		$stmt->close();
	else:
		$stmt = $mysqli->prepare("SELECT * FROM $table") or die($mysqli->error);
		$stmt->execute();
		$stmt->store_result();
		$total_rows = $stmt->num_rows();
		$stmt->close();
	endif;
echo <<<EOJ
	<div class="head">
		<button type="submit" class="waves-effect btn-flat" onclick="_sopt('downloademails')"><i class="material-icons left">file_download</i>Emails</button>
		<button type="submit" class="waves-effect btn-flat red h" onclick="_sopt('delete', 'Do you really want to delete?')"><i class="material-icons white-text">delete</i></button>
		{$pagination->get($total_rows, $page_number, $item_per_page)}
	</div>
	<table class="table">
		<thead>
		<tr>
		<th class="xs center-align" nowrap><input type="checkbox" name="checkall" value="" class="checkall" /></th>
		<th class="xs center-align" nowrap>s. no.</th>
		<th class="xs center-align" nowrap>picture</th>
		<th>category</th>
		<th>name</th>
		<th>email</th>
		<th class="lg right-align" nowrap>creation</th>
		<th class="sm center-align" nowrap>action</th>
		</tr>
		</thead>
		<tbody>
EOJ;
		if($opt1 === 'search'):
			$stmt = $mysqli->prepare("SELECT $firstcol, category, name, email, picture, creation FROM $table WHERE (name LIKE ? OR degree LIKE ? OR post LIKE ? OR content LIKE ? OR email LIKE ? OR phone LIKE ?) ORDER BY $firstcol DESC LIMIT $page_position, $item_per_page") or die($mysqli->error);
			$stmt->bind_param('ssssss', $keyword, $keyword, $keyword, $keyword, $keyword, $keyword);
		else:
			$stmt = $mysqli->prepare("SELECT $firstcol, category, name, email, picture, creation FROM $table ORDER BY $firstcol DESC LIMIT $page_position, $item_per_page") or die($mysqli->error);
		endif;
		$stmt->execute();
		$stmt->store_result();
		if($stmt->num_rows() > 0):
			$stmt->bind_result($id, $category, $name, $email, $picture, $creation);
			while($stmt->fetch()):
				$snum = $page_number === 1 ? $snum + 1 : $page_position++ + 1;
				$picture = ($picture && file_exists($uploadpath.$page.'/'.$picture)) ? $uploadurl.$page.'/'.$picture : $imageurl.'avatar_2x.png';
echo <<<EOJ
				<tr>
				<td class="center-align" nowrap><input type="checkbox" name="dataid[]" value="{$id}" class="checkbox" /></td>
				<td class="center-align" nowrap>{$snum}</td>
				<td class="center-align" nowrap><img src="{$picture}" alt="{$name}" class="circle" width="36" height="36" /></td>
				<td>{$category}</td>
				<td>{$name}</td>
				<td>{$email}</td>
				<td class="right-align" nowrap>{$fn->nice_date($creation)}</td>
				<td class="center-align" nowrap><button type="button" class="blue-text text-accent-4" onclick="_curl('add/{$id}')">add</button></td>
				</tr>
EOJ;
			endwhile;
		else:
			echo '<tr><td colspan="8" class="center-align">MySQL returned an empty result set (i.e. zero rows).</td></tr>';
		endif;
		$stmt->close();
	echo '</tbody>';
	echo '</table>';
endif;
?>

Youez - 2016 - github.com/yon3zu
LinuXploit