Current File : /home/akhilnew/public_html/journalofpoliticalscience.com/downloadarticle.php
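<?php
/**
 * One-time article download endpoint.
 *
 * Expects a POST carrying `refnumber` and `token`. When both match a row in
 * `archives`, the row's download_token is cleared and the stored file is
 * streamed as an attachment. Every other outcome falls through to a redirect
 * to $baseurl.
 *
 * $mysqli and $baseurl are not defined in this file; they are expected to be
 * provided by inc/config.php.
 */
if (file_exists('inc/config.php')) {
	require_once('inc/config.php');
} else {
	die('Required file doesn\'t exist.');
}

// Both values are only ever passed to the database as bound parameters, so
// they must NOT also go through real_escape_string(): escaping a bound value
// inserts literal backslashes and makes a legitimate value fail to match.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it is
// kept so that lookups match however the stored values were filtered when
// written - confirm against the code that inserts into `archives`.
$refnumber = filter_input(INPUT_POST, 'refnumber', FILTER_SANITIZE_STRING);
$token = filter_input(INPUT_POST, 'token', FILTER_SANITIZE_STRING);

if ($_SERVER['REQUEST_METHOD'] === 'POST' && $refnumber && $token) {
	$stmt = $mysqli->prepare("SELECT file FROM archives WHERE (refnumber = ? AND download_token = ?) LIMIT 1") or die('An error occurred. Please try after some time.');
	$stmt->bind_param('ss', $refnumber, $token);
	$stmt->execute();
	$stmt->store_result();
	$stmt->bind_result($file);
	// fetch() returns true only when a row was read. Without this check a
	// wrong token leaves $file empty, the path collapses to the archive
	// directory itself, and file_exists() succeeds on that directory.
	$rowFound = ($stmt->fetch() === true);
	$stmt->close();

	// Resolve both paths so that a stored name containing ../ or a symlink
	// cannot make the script serve something outside uploads/archives/.
	$archiveRoot = realpath('uploads/archives');
	$resolvedPath = false;
	if ($rowFound && is_string($file) && $file !== '' && $archiveRoot !== false) {
		$resolvedPath = realpath($archiveRoot . DIRECTORY_SEPARATOR . $file);
	}

	$insideArchive = $resolvedPath !== false
		&& strpos($resolvedPath, $archiveRoot . DIRECTORY_SEPARATOR) === 0
		&& is_file($resolvedPath);

	if ($insideArchive) {
		$stmt = $mysqli->prepare("UPDATE archives SET download_token = null WHERE (refnumber = ? AND download_token = ?) LIMIT 1") or die('An error occurred. Please try after some time.');
		$stmt->bind_param('ss', $refnumber, $token);
		$stmt->execute();
		// The UPDATE is what consumes the token. Only the request that
		// actually cleared it may stream the file, so two concurrent
		// requests with the same token cannot both download.
		$tokenClaimed = ($stmt->affected_rows === 1);
		$stmt->close();

		if ($tokenClaimed) {
			// Drop characters that would break out of the quoted filename
			// parameter of Content-Disposition.
			$downloadName = str_replace(array('"', '\\', "\r", "\n"), '', basename($file));

			header('Content-Type: application/octet-stream');
			header('Content-Disposition: attachment; filename="' . $downloadName . '"');
			header('Content-Length: ' . filesize($resolvedPath));

			readfile($resolvedPath);
			exit;
		}
	}
}

// No valid request, no matching row, or no servable file: back to the site.
header('Location: ' . $baseurl);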
