Current File : /www/wwwroot/www.ivecr2.ac.th/system_admin/subject_nameaEditOK.php
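<?php
/**
 * Handler for the administrator "edit account" form.
 *
 * Reads the posted account fields, optionally stores a new profile picture in
 * file_pictureadmin/, updates the matching row of tbladmin and redirects back
 * to the listing page.
 *
 * Security-relevant behaviour:
 *  - every value placed in SQL is escaped with mysql_real_escape_string();
 *  - the stored password hash and photo name are never taken from the request:
 *    when no new password / picture is submitted the columns are left untouched
 *    instead of being overwritten with hidden form fields (adpassold, photo_old);
 *  - an upload must have an allow-listed extension, be a genuine HTTP upload and
 *    parse as an image before it is moved into the picture directory;
 *  - values echoed back into HTML are URL- and HTML-encoded.
 *
 * NOTE(review): no anti-CSRF token is verified here. The form that posts to this
 * script is not part of this file, so a token check has to be added on both sides.
 * NOTE(review): $connect1 is not defined in this file; presumably the including
 * script opens the connection - confirm. Escaping is only reliable when the
 * connection character set was set with mysql_set_charset().
 * NOTE(review): the mysql_* extension is removed in PHP 7; moving to PDO or
 * mysqli with prepared statements is the long-term fix.
 */
session_start();

// Only a logged-in administrator may continue. isset() avoids an undefined-index
// notice for anonymous visitors; the loose comparison matches how the flag is stored.
if (!isset($_SESSION['r_statuslogin']) || $_SESSION['r_statuslogin'] != 1) {
 echo '<script language="javascript">alert("สำหรับผู้ดูแลระบบเท่านั้น")</script>';
 echo'<meta http-equiv="refresh" content="0;url=../index.php">';
 exit();
}

// Returns a posted field as a string, or '' when it is missing or not a scalar string
// (e.g. adID[]=x would otherwise arrive as an array).
$field = function ($key) {
	return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Escapes a value for use inside a single-quoted SQL string literal.
$esc = function ($value) use ($connect1) {
	return mysql_real_escape_string((string) $value, $connect1);
};

// Shows an alert and sends the browser back to the edit form for this account.
$backToEditForm = function ($message, $adID) {
	$url = '?i=subject_nameaEdit&adID=' . urlencode($adID);
	echo "<script language='javascript'>alert('" . $message . "')</script>";
	echo '<meta http-equiv="refresh" content="0;url=' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">';
	exit();
};

$adID           = $field('adID');
$aduser         = $field('aduser');
$adpass         = $field('adpass');
$adFname        = $field('adFname');
$adLname        = $field('adLname');
$addepartmentID = $field('selectwork');

// Look up the department record that belongs to the selected department number.
$sqldpt = "select * from  tbl_departmentall where daNodpt='" . $esc($addepartmentID) . "' ";
$resultsqldpt = mysql_query($sqldpt, $connect1);
$rsdpt = $resultsqldpt ? mysql_fetch_array($resultsqldpt) : false;

// An unknown department yields empty values, as before.
$no_dpt       = $rsdpt ? $rsdpt['daNo'] : '';
$addepartment = $rsdpt ? $rsdpt['daFname'] : '';

// Columns that are always written.
$assignments = array(
	"adUser='" . $esc($aduser) . "'",
	"adFname='" . $esc($adFname) . "'",
	"adLname='" . $esc($adLname) . "'",
	"addepartmentID='" . $esc($addepartmentID) . "'",
	"addepartment='" . $esc($addepartment) . "'",
	"no_dpt='" . $esc($no_dpt) . "'",
);

if ($adpass !== '') {
	// NOTE(review): unsalted MD5 is not a password hash. It is kept only because the
	// login check (not visible here) presumably compares MD5 values; migrate both
	// sides to password_hash()/password_verify() together.
	$assignments[] = "adPass='" . $esc(md5($adpass)) . "'";
}
// else: no new password was entered, so adPass keeps its stored value.

$oldPhoto = '';
$upload = isset($_FILES['filePIC']) ? $_FILES['filePIC'] : null;
$hasUpload = is_array($upload)
	&& isset($upload['tmp_name'], $upload['name'])
	&& is_string($upload['tmp_name'])
	&& is_string($upload['name'])
	&& $upload['tmp_name'] !== '';

if ($hasUpload) {
	$ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));

	// Allow-listed extension, real HTTP upload, and content that parses as an image.
	$acceptable = in_array($ext, array('jpg', 'gif', 'png'), true)
		&& is_uploaded_file($upload['tmp_name'])
		&& getimagesize($upload['tmp_name']) !== false;

	if (!$acceptable) {
		$backToEditForm('นามสกุลไฟล์ไม่ถูกต้อง   ไฟล์ต้องเป็น  .jpg/.png/.gif เท่านั้น', $adID);
	}

	// Server-generated name; 24-hour "H" avoids AM/PM collisions of the former "h".
	$filedoc_ori = "pic" . date("YmdHis") . "." . $ext;

	// Remember the current picture so it can be removed once the update succeeded.
	$sql1 = "select * from tbladmin where adID='" . $esc($adID) . "'";
	$result1 = mysql_query($sql1, $connect1);
	$rs1 = $result1 ? mysql_fetch_array($result1) : false;
	if ($rs1 && $rs1['adPhoto'] != "") {
		// basename() keeps the later unlink() inside file_pictureadmin/.
		$oldPhoto = basename($rs1['adPhoto']);
	}

	if (!move_uploaded_file($upload['tmp_name'], "file_pictureadmin/" . $filedoc_ori)) {
		$backToEditForm('ไม่สามารถบันทึกข้อมูลได้', $adID);
	}

	$assignments[] = "adPhoto='" . $esc($filedoc_ori) . "'";
}
// else: no new picture was sent, so adPhoto keeps its stored value.

$sqlwork1 = "update tbladmin set " . implode(',', $assignments) . " where adID='" . $esc($adID) . "'";
$resqlwork1 = mysql_query($sqlwork1, $connect1);

if ($resqlwork1 === false) {
	// Do not report success when the row was not written.
	$backToEditForm('ไม่สามารถบันทึกข้อมูลได้', $adID);
}

// The row now points at the new picture; the previous file is no longer referenced.
if ($oldPhoto !== '' && is_file("file_pictureadmin/" . $oldPhoto)) {
	unlink("file_pictureadmin/" . $oldPhoto);
}

echo "<script language='javascript'>alert('แก้ไขข้อมูลเรียบร้อยแล้ว')</script>";
echo '<meta http-equiv="refresh" content="0;url=?i=subject_nameall">';
exit();

?>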
